CVE-2025-9974

CVSS Score & Metrics

Base Score

8.8 / 10

Vector String

                                        CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitrary commands on the underlying ONT/Beacon operating system, potentially impacting the confidentiality, integrity, and availability of the device.

Vulnerability Details

Published Date

February 02, 2026

Last Modified

February 03, 2026

CWE ID

CWE-78

Source

NVD

External References

https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-9974/

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment