High severity8.0NVD Advisory· Published Feb 2, 2026· Updated Apr 15, 2026
CVE-2025-9974
CVE-2025-9974
Description
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitrary commands on the underlying ONT/Beacon operating system, potentially impacting the confidentiality, integrity, and availability of the device.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.