Planet WGR-500 Format String Vulnerability in formPingCmd Functionality

Vulnerability

A format string vulnerability has been identified in the Planet WGR-500 router, specifically in version 1.3411b190912. The issue arises within the formPingCmd function, where user-supplied data is improperly handled, leading to memory corruption. An attacker can exploit this vulnerability by sending a series of crafted HTTP requests.

Impact

Exploitation of this vulnerability can result in memory corruption, which may be leveraged for arbitrary code execution.

Added: Oct 7, 2025, 2:26 PM

Updated: Oct 7, 2025, 2:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.3

remediation

0.0

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.3

remediation

0.0

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Planet WGR-500 Format String Vulnerability in formPingCmd Functionality

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating