OS Command Injection Vulnerability in iND Co., Ltd. Products
CVE-2025-53508

8.6HIGH

Key Information:

Vendor: Ind Co.,ltd
Status: Hl330-dls (for Module Mc7700); Hl330-dls (for Module Mc7330); Hl320-dls (for Module Mc7700); Hl320-dls (for Module Mc7330)
Vendor: CVE Published:; 29 August 2025

🔔 Create Ind Co.,ltd Vulnerability Alert

What is CVE-2025-53508?

Multiple products from iND Co., Ltd. exhibit an OS command injection vulnerability that could allow an attacker to execute arbitrary OS commands. Exploiting this flaw may lead to unauthorized access to sensitive information, compromising the security of affected systems.

Affected Version(s)

F2L Assist-SS-A firmware version 1.03 and earlier

F2L Assist-SS-E firmware version 1.01 and earlier

HL320-DLS (for module MC7330) firmware version 2.02t and earlier

References

https://www.i-netd.co.jp/vulnerability/dceid-2025-001/

https://jvn.jp/en/jp/JVN50585992/

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2025
Vulnerability Reserved
Jul 2, 2025