CVE-2025-46271 — AI Deep Analysis Summary

🚨 **Essence**: PLANET UNI-NMS-Lite suffers from **OS Command Injection**. 📉 **Consequences**: Attackers can read or manipulate device data, potentially compromising the entire network management system.

🛡️ **Root Cause**: **CWE-78** (Improper Neutralization of Special Elements used in an OS Command). The system fails to sanitize inputs before executing system commands.

🏢 **Affected**: **Planet Technology**'s **UNI-NMS-Lite** software. This is a general network management system for monitoring wired/wireless PoE industrial devices.

💀 **Impact**: High severity (**CVSS 3.1**). Attackers can achieve **High Confidentiality** and **High Integrity** impact. They can execute arbitrary OS commands, leading to full device control.

⚡ **Exploitation**: **Low Threshold**. Vector: **AV:N** (Network), **AC:L** (Low Complexity), **PR:N** (No Privileges Required), **UI:N** (No User Interaction). Easy to exploit remotely.

🔍 **Public Exploit**: **YES**. A Reverse Shell PoC is available on GitHub (`CVE-2025-46271-Reverse-Shell-PoC`). ⚠️ Use only for educational/defense purposes.

🔎 **Self-Check**: Scan for **UNI-NMS-Lite** instances exposed to the network. Look for command injection points in web interfaces or API endpoints. Check for CISA ICS Advisory **ICS-25-114-06**.

🛠️ **Fix**: Refer to official vendor updates. The vulnerability was published on **2025-04-24**. Check Planet Technology's security advisories for patches or updates.

🚧 **No Patch?**: Implement strict **Input Validation** and **Output Encoding**. Restrict network access to the NMS interface via firewalls. Disable unnecessary services.

🔥 **Urgency**: **CRITICAL**. Due to **No Auth Required** and **Network Accessible** nature, immediate patching or mitigation is required to prevent remote code execution.