Nozomi Networks Waterfall WF-500 RX Host OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in the Waterfall WF-500 RX Host, version 7.9.1.0 R2502171040. This vulnerability allows attackers with access to the TX Host to execute arbitrary code on the RX Host, but only when a MySQL connector is configured.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the RX Host.

Added: May 29, 2026, 12:19 PM

Updated: May 29, 2026, 12:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.3

remediation

0.0

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.3

remediation

0.0

relevance

9.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nozomi Networks Waterfall WF-500 RX Host OS Command Injection Vulnerability

Vulnerability

Impact

Affected Products

Nozomi Networks WF-500 RX Host

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating