Wf 500
Monthly
OS command injection in Waterfall WF-500 RX Host version 7.9.1.0 R2502171040 allows an attacker who already controls the TX Host to execute arbitrary commands on the RX Host when a MySQL connector is configured on the unidirectional gateway. The flaw was discovered by Nozomi Networks Labs and there is no public exploit identified at time of analysis; EPSS is low at 0.18% (40th percentile).
Relative path traversal (Zip Slip) in Waterfall WF-500 RX Host version 7.9.1.0 R2502171040 enables code execution on the RX side when attackers already control the TX Host and the deployment uses a MySQL connector with file compression enabled. The flaw, tracked as CWE-23 and reported by Nozomi Networks Labs, has no public exploit identified at time of analysis and an EPSS of 0.02% (4th percentile), but it meaningfully undermines the data-diode trust boundary the WF-500 is deployed to enforce.
Authenticated OS command injection in the Waterfall WF-500 RX Host Administration WebUI (version 7.9.1.0 R2502171040) allows attackers with high privileges to execute arbitrary operating system commands on the unidirectional gateway appliance. The flaw was discovered and reported by Nozomi Networks Labs, carries a CVSS 4.0 score of 8.6, and an EPSS of 0.70% (72nd percentile); no public exploit identified at time of analysis. Because WF-500 is deployed as a data-diode between IT and OT/ICS networks, code execution on the RX Host effectively compromises a critical security boundary.
Out-of-bounds read in the Waterfall WF-500 RX Host (firmware 7.10.0.0 R2601141040) enables an attacker who already controls the TX Host to execute code on the receiving (RX) side, bypassing the unidirectional security guarantee the data diode is designed to enforce. Discovered by Nozomi Networks Labs with no public exploit identified at time of analysis and an EPSS score of 0.02%, the issue is significant because it undermines the OT/IT segmentation use case the product exists to provide. The vulnerability is not listed in CISA KEV and there is no evidence of active exploitation.
Remote OS command execution in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows unauthenticated network attackers to run arbitrary operating system commands through the Console WebUI. The flaw, identified by Nozomi Networks Labs and tracked as CVE-2025-41277, carries a CVSS 4.0 base score of 9.3 and represents a critical risk for industrial environments relying on Waterfall's data diode gateways. No public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile) indicating elevated but not yet widespread exploitation activity.
Remote code execution in Waterfall WF-500 TX and RX Host appliances (version 7.9.1.0 R2502171040) allows unauthenticated network attackers to inject and execute arbitrary OS commands through the Console WebUI. Discovered by Nozomi Networks Labs, the flaw carries a CVSS 4.0 score of 9.3 with no required privileges or user interaction; no public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile).
Remote unauthenticated OS command injection in the Waterfall WF-500 TX and RX Host Console WebUI (version 7.9.1.0 R2502171040) allows attackers reachable on the management network to execute arbitrary operating system commands on the appliance. The flaw was reported by Nozomi Networks Labs, carries a CVSS 4.0 score of 9.3, and currently has no public exploit identified at time of analysis, with an EPSS score of 1.02% (78th percentile).
Remote code execution in Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040) allows unauthenticated attackers to inject and execute arbitrary OS commands through the Console WebUI. The flaw, identified by Nozomi Networks Labs, carries a CVSS 4.0 score of 9.3 and represents a critical risk to industrial unidirectional gateway deployments. No public exploit identified at time of analysis, and EPSS is 1.02% (78th percentile), suggesting elevated but not yet widespread exploitation interest.
Authentication bypass in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to perform privileged actions through the Console WebUI via an alternate path or channel. Discovered by Nozomi Networks Labs, the flaw scores CVSS 9.3 (Critical) under v4.0 with network attack vector and no privileges required, though EPSS is low at 0.14% (34th percentile) and no public exploit identified at time of analysis. Given Waterfall's role in OT/ICS unidirectional gateway deployments, successful exploitation of the management console could enable adversaries to manipulate security-critical configurations.
Remote unauthenticated OS command injection in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows attackers reachable over the network to execute arbitrary operating system commands through the Console WebUI. The flaw was discovered by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3; no public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile) indicating moderate predicted exploitation interest.
Arbitrary file read in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to retrieve sensitive files from the device through a path traversal flaw in the Console WebUI. Discovered and disclosed by Nozomi Networks Labs, the issue scores CVSS 4.0 8.7 with network attack vector and no privileges required, though no public exploit identified at time of analysis and the device is not currently listed in CISA KEV.
Remote OS command injection in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows unauthenticated network attackers to execute arbitrary operating system commands via the Console WebUI. The flaw was identified by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3, though there is no public exploit identified at time of analysis and EPSS sits at 1.02%, indicating elevated but not yet realized exploitation pressure.
Remote command execution in Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040) allows unauthenticated network attackers to run arbitrary operating system commands via the Console WebUI. The flaw was disclosed by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3, but no public exploit identified at time of analysis and EPSS sits at 1.02% (78th percentile), indicating credible but not yet widespread exploitation pressure.
Arbitrary file deletion in Waterfall WF-500 TX/RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to remove files on the host machine via a relative path traversal flaw in the Administration WebUI. The flaw was identified by Nozomi Networks Labs; no public exploit identified at time of analysis, and the EPSS score of 1.38% (81st percentile) indicates moderately elevated but not extreme exploitation likelihood. Because Waterfall WF-500 is a unidirectional security gateway deployed at OT/IT boundaries in industrial environments, file deletion can directly disrupt data diode operations.
Authenticated OS command injection in the Administration WebUI of Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 lets high-privileged remote users execute arbitrary operating system commands on the host. The flaw was identified by Nozomi Networks Labs and carries a CVSS 4.0 score of 8.5, but with no public exploit identified and a modest EPSS of 0.70% (72th percentile), real-world exploitation pressure is currently moderate rather than urgent.
Authenticated OS command injection in the Waterfall WF-500 TX Host Administration WebUI (version 7.9.1.0 R2502171040) allows remote attackers with high privileges to execute arbitrary operating system commands on the underlying host. The flaw was identified by Nozomi Networks Labs and carries a CVSSv4 score of 8.6, but no public exploit identified at time of analysis and EPSS sits at 0.70% (72th percentile), reflecting limited expected exploitation activity against this niche OT/industrial product.
OS command injection in the Administration WebUI of Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 enables authenticated remote attackers to execute arbitrary operating system commands on the underlying host. The flaw was disclosed by Nozomi Networks Labs and carries a CVSS 4.0 score of 8.6; no public exploit identified at time of analysis, and EPSS exploitation probability is modest at 0.70%.
OS command injection in Waterfall WF-500 RX Host version 7.9.1.0 R2502171040 allows an attacker who already controls the TX Host to execute arbitrary commands on the RX Host when a MySQL connector is configured on the unidirectional gateway. The flaw was discovered by Nozomi Networks Labs and there is no public exploit identified at time of analysis; EPSS is low at 0.18% (40th percentile).
Relative path traversal (Zip Slip) in Waterfall WF-500 RX Host version 7.9.1.0 R2502171040 enables code execution on the RX side when attackers already control the TX Host and the deployment uses a MySQL connector with file compression enabled. The flaw, tracked as CWE-23 and reported by Nozomi Networks Labs, has no public exploit identified at time of analysis and an EPSS of 0.02% (4th percentile), but it meaningfully undermines the data-diode trust boundary the WF-500 is deployed to enforce.
Authenticated OS command injection in the Waterfall WF-500 RX Host Administration WebUI (version 7.9.1.0 R2502171040) allows attackers with high privileges to execute arbitrary operating system commands on the unidirectional gateway appliance. The flaw was discovered and reported by Nozomi Networks Labs, carries a CVSS 4.0 score of 8.6, and an EPSS of 0.70% (72nd percentile); no public exploit identified at time of analysis. Because WF-500 is deployed as a data-diode between IT and OT/ICS networks, code execution on the RX Host effectively compromises a critical security boundary.
Out-of-bounds read in the Waterfall WF-500 RX Host (firmware 7.10.0.0 R2601141040) enables an attacker who already controls the TX Host to execute code on the receiving (RX) side, bypassing the unidirectional security guarantee the data diode is designed to enforce. Discovered by Nozomi Networks Labs with no public exploit identified at time of analysis and an EPSS score of 0.02%, the issue is significant because it undermines the OT/IT segmentation use case the product exists to provide. The vulnerability is not listed in CISA KEV and there is no evidence of active exploitation.
Remote OS command execution in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows unauthenticated network attackers to run arbitrary operating system commands through the Console WebUI. The flaw, identified by Nozomi Networks Labs and tracked as CVE-2025-41277, carries a CVSS 4.0 base score of 9.3 and represents a critical risk for industrial environments relying on Waterfall's data diode gateways. No public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile) indicating elevated but not yet widespread exploitation activity.
Remote code execution in Waterfall WF-500 TX and RX Host appliances (version 7.9.1.0 R2502171040) allows unauthenticated network attackers to inject and execute arbitrary OS commands through the Console WebUI. Discovered by Nozomi Networks Labs, the flaw carries a CVSS 4.0 score of 9.3 with no required privileges or user interaction; no public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile).
Remote unauthenticated OS command injection in the Waterfall WF-500 TX and RX Host Console WebUI (version 7.9.1.0 R2502171040) allows attackers reachable on the management network to execute arbitrary operating system commands on the appliance. The flaw was reported by Nozomi Networks Labs, carries a CVSS 4.0 score of 9.3, and currently has no public exploit identified at time of analysis, with an EPSS score of 1.02% (78th percentile).
Remote code execution in Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040) allows unauthenticated attackers to inject and execute arbitrary OS commands through the Console WebUI. The flaw, identified by Nozomi Networks Labs, carries a CVSS 4.0 score of 9.3 and represents a critical risk to industrial unidirectional gateway deployments. No public exploit identified at time of analysis, and EPSS is 1.02% (78th percentile), suggesting elevated but not yet widespread exploitation interest.
Authentication bypass in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to perform privileged actions through the Console WebUI via an alternate path or channel. Discovered by Nozomi Networks Labs, the flaw scores CVSS 9.3 (Critical) under v4.0 with network attack vector and no privileges required, though EPSS is low at 0.14% (34th percentile) and no public exploit identified at time of analysis. Given Waterfall's role in OT/ICS unidirectional gateway deployments, successful exploitation of the management console could enable adversaries to manipulate security-critical configurations.
Remote unauthenticated OS command injection in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows attackers reachable over the network to execute arbitrary operating system commands through the Console WebUI. The flaw was discovered by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3; no public exploit identified at time of analysis, and EPSS sits at 1.02% (78th percentile) indicating moderate predicted exploitation interest.
Arbitrary file read in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to retrieve sensitive files from the device through a path traversal flaw in the Console WebUI. Discovered and disclosed by Nozomi Networks Labs, the issue scores CVSS 4.0 8.7 with network attack vector and no privileges required, though no public exploit identified at time of analysis and the device is not currently listed in CISA KEV.
Remote OS command injection in Waterfall WF-500 TX and RX Hosts version 7.9.1.0 R2502171040 allows unauthenticated network attackers to execute arbitrary operating system commands via the Console WebUI. The flaw was identified by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3, though there is no public exploit identified at time of analysis and EPSS sits at 1.02%, indicating elevated but not yet realized exploitation pressure.
Remote command execution in Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040) allows unauthenticated network attackers to run arbitrary operating system commands via the Console WebUI. The flaw was disclosed by Nozomi Networks Labs and carries a CVSS 4.0 score of 9.3, but no public exploit identified at time of analysis and EPSS sits at 1.02% (78th percentile), indicating credible but not yet widespread exploitation pressure.
Arbitrary file deletion in Waterfall WF-500 TX/RX Hosts version 7.9.1.0 R2502171040 allows remote unauthenticated attackers to remove files on the host machine via a relative path traversal flaw in the Administration WebUI. The flaw was identified by Nozomi Networks Labs; no public exploit identified at time of analysis, and the EPSS score of 1.38% (81st percentile) indicates moderately elevated but not extreme exploitation likelihood. Because Waterfall WF-500 is a unidirectional security gateway deployed at OT/IT boundaries in industrial environments, file deletion can directly disrupt data diode operations.
Authenticated OS command injection in the Administration WebUI of Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 lets high-privileged remote users execute arbitrary operating system commands on the host. The flaw was identified by Nozomi Networks Labs and carries a CVSS 4.0 score of 8.5, but with no public exploit identified and a modest EPSS of 0.70% (72th percentile), real-world exploitation pressure is currently moderate rather than urgent.
Authenticated OS command injection in the Waterfall WF-500 TX Host Administration WebUI (version 7.9.1.0 R2502171040) allows remote attackers with high privileges to execute arbitrary operating system commands on the underlying host. The flaw was identified by Nozomi Networks Labs and carries a CVSSv4 score of 8.6, but no public exploit identified at time of analysis and EPSS sits at 0.70% (72th percentile), reflecting limited expected exploitation activity against this niche OT/industrial product.
OS command injection in the Administration WebUI of Waterfall WF-500 TX Host version 7.9.1.0 R2502171040 enables authenticated remote attackers to execute arbitrary operating system commands on the underlying host. The flaw was disclosed by Nozomi Networks Labs and carries a CVSS 4.0 score of 8.6; no public exploit identified at time of analysis, and EPSS exploitation probability is modest at 0.70%.