Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
8 CRITICAL9 HIGH3 MEDIUM
CVE-2025-41271
HIGH CVSS 8.7
Find Similar
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers t
waterfall-security
NVD RRF 0.016
CVE-2025-41268
HIGH CVSS 8.8
Find Similar
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated atta
waterfall-security
NVD RRF 0.016
CVE-2025-41280
HIGH CVSS 7.5
Find Similar
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code
waterfall-security
NVD RRF 0.016
CVE-2025-41273
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows
waterfall-security
NVD RRF 0.016
CVE-2025-41278
HIGH CVSS 7.5
Find Similar
Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Hos
waterfall-security
NVD RRF 0.015
CVE-2025-41279
HIGH CVSS 8.6
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version
waterfall-security
NVD RRF 0.015
CVE-2025-41267
HIGH CVSS 8.5
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version
waterfall-security
NVD RRF 0.015
CVE-2025-41266
HIGH CVSS 8.6
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version
waterfall-security
NVD RRF 0.015
CVE-2025-41265
HIGH CVSS 8.6
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version
waterfall-security
NVD RRF 0.014
CVE-2025-41277
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.014
CVE-2025-41276
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.014
CVE-2025-41275
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.014
CVE-2025-41274
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.014
CVE-2025-41272
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.014
CVE-2025-41270
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.013
CVE-2025-41269
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version
waterfall-security
NVD RRF 0.013
CVE-2025-53609
MEDIUM CVSS 4.9
Find Similar
A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7.4.8, 7.2.0 through 7.2.11, 7.0.2 through 7.0.11 may allow an authenticated attacker to perform an arbi
fortinet
NVD RRF 0.013
CVE-2025-41281
HIGH CVSS 7.5
Find Similar
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that all
waterfall-security
NVD RRF 0.013
CVE-2024-48892
MEDIUM CVSS 4.9
Find Similar
A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a
fortinet
NVD RRF 0.013
CVE-2025-22859
MEDIUM CVSS 5.3
Find Similar
A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arb
fortinet
NVD RRF 0.013
Page 1+ Next →