CVE-2025-41278

Severity CVSS v4.0:
HIGH
Type:
CWE-125 Out-of-bounds Read
Publication date:
29/05/2026
Last modified:
01/06/2026

Description

Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Host.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:waterfall-security:wf-500_firmware:*:*:*:*:*:*:*:* 7.9.1.0_r2502171040 (including)
cpe:2.3:h:waterfall-security:wf-500:-:*:*:*:*:*:*:*