Multiple vulnerabilities in I-O DATA HDL-T Series
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2025-32002 CVE-2025-32738 |
| CWE-ID | CWE-78 CWE-306 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
HDL-TC1 Hardware solutions / Firmware HDL-TC500 Hardware solutions / Firmware HDL-T1NV Hardware solutions / Firmware HDL-T1WH Hardware solutions / Firmware HDL-T2NV Hardware solutions / Firmware HDL-T2WH Hardware solutions / Firmware HDL-T3NV Hardware solutions / Firmware HDL-T3WH Hardware solutions / Firmware |
| Vendor | I-O DATA |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU109825
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-32002
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when "Remote Link3" function is enabled. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHDL-TC1: - - 1.21
HDL-TC500: - - 1.21
HDL-T1NV: - - 1.21
HDL-T1WH: - - 1.21
HDL-T2NV: - - 1.21
HDL-T2WH: - - 1.21
HDL-T3NV: - - 1.21
HDL-T3WH: - - 1.21
CPE2.3- cpe:2.3:h:i-o_data:hdl-tc1:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc1:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc500:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc500:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1nv:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1wh:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1wh:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2nv:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2wh:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t3nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t3wh:*:*:*:*:*:*:*:*
https://jvn.jp/en/vu/JVNVU91726405/
https://www.iodata.jp/support/information/2025/05_hdl-t/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Missing Authentication for Critical Function
EUVDB-ID: #VU109826
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-32738
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to missing authentication for critical function. A remote attacker can change the product settings.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHDL-TC1: - - 1.21
HDL-TC500: - - 1.21
HDL-T1NV: - - 1.21
HDL-T1WH: - - 1.21
HDL-T2NV: - - 1.21
HDL-T2WH: - - 1.21
HDL-T3NV: - - 1.21
HDL-T3WH: - - 1.21
CPE2.3- cpe:2.3:h:i-o_data:hdl-tc1:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc1:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc500:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-tc500:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1nv:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1wh:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t1wh:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2nv:1.21:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t2wh:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t3nv:*:*:*:*:*:*:*:*
- cpe:2.3:h:i-o_data:hdl-t3wh:*:*:*:*:*:*:*:*
https://jvn.jp/en/vu/JVNVU91726405/
https://www.iodata.jp/support/information/2025/05_hdl-t/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
