CVE-2025-54406 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP reques…
High CVSS: 8.8

CVE-2025-54406

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `counts` request parameter.
Vendor
Planet
Product
Wgr-500 Firmware
CWE
CWE-78
Yayın Tarihi
2025-10-07 14:15:38
Güncelleme
2025-11-03 18:16:59
Source Identifier
talos-cna@cisco.com
KEV Date Added
-

Kategoriler

CWE-78 Wgr-500 Firmware HIGH Planet 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2229 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2229