CVE-2025-54400

High CVSS: 8.8

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `counts` request parameter for composing the `"ping -c <counts> <ipaddr> 2>&1 > %s &"` string.

Vendor

Planet

Product

Wgr-500 Firmware

CWE

CWE-121

Yayın Tarihi

2025-10-07 14:15:37

Güncelleme

2025-11-03 18:16:59

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-121 Wgr-500 Firmware HIGH Planet 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2226 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2226

Benzer Kayıtlar

High

CVE-2025-54403

Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A spec…

High

CVE-2025-54404

Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A spec…

High

CVE-2025-54405

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A…

High

CVE-2025-54406

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A…

High

CVE-2025-54399

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b19…

High

CVE-2025-54401

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b19…