Nozomi Networks Waterfall WF-500 RX Host Relative Path Traversal Vulnerability Allowing Code Execution

Vulnerability

A relative path traversal vulnerability, known as Zip Slip, has been identified in the Waterfall WF-500 RX Host, specifically in version 7.9.1.0 R2502171040. This vulnerability allows attackers with access to the TX Host to execute code on the RX Host, but only when a MySQL connector is configured and file compression is enabled.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the RX Host.

Added: May 29, 2026, 12:20 PM

Updated: May 29, 2026, 12:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nozomi Networks Waterfall WF-500 RX Host Relative Path Traversal Vulnerability Allowing Code Execution

Vulnerability

Impact

Affected Products

Nozomi Networks WF-500 RX Host

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating