Volerion logoVolerion
Volerion logoVolerion

Nokia ONT/Beacon Command Injection Vulnerability in WEBUI Application

Vulnerability

A command injection vulnerability has been identified in the unified WEBUI application of Nokia ONT/Beacon devices. This flaw allows authenticated users to execute arbitrary commands on the device's operating system. The vulnerability arises from inadequate validation of user input, enabling low-privileged authenticated attackers to disrupt the device's normal functioning and potentially compromise its confidentiality, integrity, and availability.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of system-level commands on the affected device, allowing an authenticated attacker to manipulate the device's operating system and potentially disrupt its normal operations or compromise sensitive information.

Remediation

Users can upgrade to version BBDR2503 or later to address this vulnerability. For more details, please contact Nokia support.

Added: Feb 2, 2026, 9:39 AM
Updated: Feb 2, 2026, 4:40 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
2.5
exploitability
3.5
remediation
0.0
relevance
2.4
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.