CVE-2025-46273 is a critical authentication flaw affecting multiple Planet Technology products. CISA states that all affected products use hard-coded credentials, which could allow an unauthenticated attacker to gain administrative privileges to UNI-NMS managed devices. The advisory was published on 2025-04-24 and revised on 2025-05-06 for typo fixes; the underlying risk remains unchanged.
CVE-2025-46271 is a critical, network-reachable command-injection vulnerability affecting Planet Technology network management products. According to CISA’s CSAF advisory, an unauthenticated attacker could read or manipulate device data on affected systems. Vendor patches are available, and the advisory was initially published on 2025-04-24 and later revised on 2025-05-06 for typo fixes only.
