CVE-2025-15388

HIGH WAF: High

CVSS 8.8 Published: 2025-12-31

CWE-78

VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

WAF Coverage Analysis

OS Command Injection High WAF Coverage

OWASP: A03:2021 Injection

932xxx - Remote Code Execution

References

www.twcert.org.tw
www.twcert.org.tw

Back to CVE Database