|
3041
|
9.8 |
CRITICAL
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2025-41273
|
2026-06-2 03:57 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3042
|
9.8 |
CRITICAL
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…
|
CWE-78
OS Command
|
CVE-2025-41274
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3043
|
9.8 |
CRITICAL
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…
|
CWE-78
OS Command
|
CVE-2025-41275
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3044
|
9.8 |
CRITICAL
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…
|
CWE-78
OS Command
|
CVE-2025-41276
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3045
|
9.8 |
CRITICAL
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…
|
CWE-78
OS Command
|
CVE-2025-41277
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3046
|
7.8 |
HIGH
Local
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Ho…
|
CWE-125
Out-of-bounds Read
|
CVE-2025-41278
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3047
|
7.8 |
HIGH
Local
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute cod…
|
CWE-23
Relative Path Traversal
|
CVE-2025-41280
|
2026-06-2 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3048
|
7.2 |
HIGH
Network
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version…
|
CWE-78
OS Command
|
CVE-2025-41279
|
2026-06-2 03:55 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3049
|
7.8 |
HIGH
Local
|
waterfall-security
|
wf-500_firmware
|
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that al…
|
CWE-78
OS Command
|
CVE-2025-41281
|
2026-06-2 03:55 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3050
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loo…
|
CWE-674
CWE-835
Uncontrolled Recursion
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-44740
|
2026-06-2 03:53 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
