← back
CVE-2025-9972

Planet Technology|Industrial Cellular Gateway - OS Command Injection

CVSS 9.3 CRITICALEPSS 2.2%CWE-78
Certain models of Industrial Cellular Gateway developed by Planet Technology have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the device.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Planet Technology · ICG-2510WG-LTE (EU/US)Planet Technology · ICG-2510W-LTE (EU/US)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.planet.com.tw/en/support/security-advisory/8https://www.twcert.org.tw/en/cp-139-10390-7ce12-2.htmlhttps://www.twcert.org.tw/tw/cp-132-10389-265a3-1.html