Planet Wgr-500 vulnerabilities
9 known vulnerabilities affecting planet/wgr-500.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9
Vulnerabilities
Page 1 of 1
CVE-2025-54403P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54403 [HIGH] CWE-78 CVE-2025-54403: Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_password` request parameter.
nvd
CVE-2025-54404P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54404 [HIGH] CWE-78 CVE-2025-54404: Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_device_name` request parameter.
nvd
CVE-2025-54405P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54405 [HIGH] CWE-78 CVE-2025-54405: Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-5
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `ipaddr` request parameter.
nvd
CVE-2025-54406P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54406 [HIGH] CWE-78 CVE-2025-54406: Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-5
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `counts` request parameter.
nvd
CVE-2025-48826P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-48826 [HIGH] CWE-134 CVE-2025-48826: A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b1909
A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability.
nvd
CVE-2025-54402P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54402 [HIGH] CWE-121 CVE-2025-54402: Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Plane
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` and `ipadd
nvd
CVE-2025-54401P2HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54401 [HIGH] CWE-121 CVE-2025-54401: Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Plane
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` request pa
nvd
CVE-2025-54399P3HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54399 [HIGH] CWE-121 CVE-2025-54399: Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Plane
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `ipaddr` request parame
nvd
CVE-2025-54400P3HIGHCVSS 8.8vv1.3411b1909122025-10-07
CVE-2025-54400 [HIGH] CWE-121 CVE-2025-54400: Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Plane
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `counts` request parame
nvd