Wayos · Wayos · CVE-2025-11045
**Name of the Vulnerable Software and Affected Versions**
WAYOS versions 22.03.17 (LQ 04, LQ 05, LQ 06, LQ 07, and LQ 09)
**Description**
A flaw exists in WAYOS that allows for command injection. This occurs due to the manipulation of the `Name` argument within an unknown function of the `/usb paswd.asp` file. The attack can be initiated remotely. The exploit is publicly available.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.