CVE-2025-48826

Summary

A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
PlanetWGR-500v1.3411b190912affected

Weaknesses

  • CWE-134: CWE-134: Use of Externally-Controlled Format String

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References