CVE-2017-20236
ProSoft Technology · ICX35-HWC
An input validation vulnerability in the ProSoft ICX35-HWC web interface allows remote attackers to inject and execute system commands with root privileges.
Executive summary
ProSoft Technology ICX35-HWC gateways are vulnerable to a critical command injection flaw that permits remote attackers to execute arbitrary system commands with root-level privileges.
Vulnerability
The web interface fails to properly validate input in certain fields, allowing attackers to inject malicious shell commands. These commands are executed by the system with root-level authority.
Business impact
Total compromise of the gateway device is possible, allowing attackers to install persistent backdoors, sniff traffic, or disrupt critical industrial operations. The CVSS score of 9.8 indicates a maximum-severity risk due to the ease of exploitation and high level of access granted.
Remediation
Immediate Action: Upgrade the ICX35-HWC firmware to the latest secure version to eliminate the command injection vectors.
Proactive Monitoring: Use network intrusion detection systems (IDS) to scan for shell-related keywords (e.g., /bin/sh, sudo, cat /etc/passwd) in HTTP traffic directed at the device.
Compensating Controls: Restrict access to the web interface to a trusted management network and implement strict egress filtering to prevent the device from communicating with attacker-controlled servers.
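The monitoring control above names keywords to look for in HTTP traffic to the gateway. The following is an added example, not code from the advisory or from ProSoft, of a minimal request-log scanner that applies those keywords plus shell metacharacters after peeling off URL encoding, since a single-pass keyword match misses percent-encoded or double-encoded values. The log format and the parameter names (param, host) are constructed assumptions, not the device's real fields.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Indicators the advisory suggests watching for, plus the shell metacharacters
# that chain or substitute commands. A hit is a lead to investigate, not proof.
KEYWORDS = ("/bin/sh", "sudo", "cat /etc/passwd")
METACHARS = re.compile(r"[;|`]|\$\(|&&")

# Constructed log records: "client destination method target body" ('-' = no body).
# The parameter names (param, host) are hypothetical, not the device's real fields.
SAMPLE_LOG = [
    "10.0.0.5 10.0.0.20 GET /index.html -",
    "10.0.0.7 10.0.0.20 POST /config param=%3B%20cat%20%2Fetc%2Fpasswd",
    "10.0.0.9 10.0.0.20 GET /status?host=192.168.1.1 -",
    "10.0.0.9 10.0.0.20 GET /status?host=192.168.1.1%257C%2Fbin%2Fsh -",
    "10.0.0.5 10.0.0.99 POST /login user=sudo",
]

def decode_layers(value, rounds=3):
    """URL-decode repeatedly; double encoding slips past a single-pass keyword match."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_fields(target, body="-"):
    """Return (field, decoded value) for query/body fields that carry an indicator."""
    fields = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    if body != "-":
        fields += parse_qsl(body, keep_blank_values=True)
    hits = []
    for name, raw in fields:
        value = decode_layers(raw)  # parse_qsl decoded once; peel any further layers
        if METACHARS.search(value) or any(k in value for k in KEYWORDS):
            hits.append((name, value))
    return hits

def scan_log(lines, gateway_ip):
    """Alert on requests to the gateway whose fields match; other destinations are ignored."""
    alerts = []
    for line in lines:
        client, dst, method, target, body = line.split(" ", 4)
        if dst != gateway_ip:
            continue
        for field, value in suspicious_fields(target, body):
            alerts.append((client, method, target, field, value))
    return alerts
```

Running scan_log(SAMPLE_LOG, "10.0.0.20") flags the encoded POST body and the double-encoded query value while ignoring the benign requests and the request to a different host.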
Exploitation status
Public Exploit Available: false
Analyst recommendation
Root-level command injection is one of the most dangerous vulnerabilities possible for a network device. Immediate firmware replacement or upgrading is the only effective way to mitigate this critical risk.