CVE-2025-9974

Name of the Vulnerable Software and Affected Versions ONT/Beacon devices (affected versions not specified)

Description The unified WEBUI application contains a flaw in how it handles user input. This allows authenticated users to potentially execute commands on the underlying operating system. Insufficient validation of user-supplied data enables a low-privileged attacker to execute arbitrary commands, which could compromise the confidentiality, integrity, and availability of the device. The flaw impacts the system level, allowing for unintended command execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.