CVE-2025-20617 Information

Description

Improper neutralization of special elements used in an OS command (‘OS Command Injection’) issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If this vulnerability is exploited an arbitrary OS command may be executed by an attacker who can access the affected product with an administrative account.

Reference

https://jvn.jp/en/jp/JVN15293958/ https://www.iodata.jp/support/information/2025/01_ud-lt2/