CVE-2025-23237 Information

Description

Improper neutralization of special elements used in an OS command (‘OS Command Injection’) issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs in to CLI of the affected product an arbitrary OS command may be executed.

Reference

https://jvn.jp/en/jp/JVN15293958/ https://www.iodata.jp/support/information/2025/01_ud-lt2/