Medium severity6.6NVD Advisory· Published Jan 22, 2025· Updated Apr 15, 2026

CVE-2025-23237

Description

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs in to CLI of the affected product, an arbitrary OS command may be executed.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN15293958/nvd
www.iodata.jp/support/information/2025/01_ud-lt2/nvd

News mentions

No linked articles in our index yet.

cvss	0.429
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000