Vulnerability Details CVE-2025-41271
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-41271
-
cpe:2.3:h:waterfall-security:wf-500:-
-
cpe:2.3:o:waterfall-security:wf-500_firmware:*