Security

CVE ID : CVE-2025-44039

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read the entire boot sequence, and reveal internal system details and sensitive information without any authentication.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-44831

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface.

Severity: 0.0 | NA

CVE ID : CVE-2025-45859

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.

Severity: 0.0 | NA

CVE ID : CVE-2025-45864

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.

Severity: 0.0 | NA

CVE ID : CVE-2025-45866

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface.

Severity: 0.0 | NA

CVE ID : CVE-2025-45867

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface.

Severity: 0.0 | NA

CVE ID : CVE-2025-41645

Published : May 13, 2025, 9:15 a.m. | 1 hour, 29 minutes ago

Description : An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake.

Severity: 8.6 | HIGH

CVE ID : CVE-2025-26390

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : A vulnerability has been identified in OZW672 (All versions

Severity: 9.8 | CRITICAL

CVE ID : CVE-2025-31930

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions

Severity: 8.8 | HIGH

CVE ID : CVE-2025-40555

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet) (All versions). Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of the BACnet network. A power cycle is required to restore the device’s normal operation.

Severity: 4.7 | MEDIUM

CVE ID : CVE-2025-33025

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions

Severity: 9.9 | CRITICAL

CVE ID : CVE-2025-33024

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions

Severity: 9.9 | CRITICAL

CVE ID : CVE-2025-32469

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions

Severity: 9.9 | CRITICAL

CVE ID : CVE-2025-40556

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in BACnet ATEC 550-440 (All versions), BACnet ATEC 550-441 (All versions), BACnet ATEC 550-445 (All versions), BACnet ATEC 550-446 (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device’s normal operation.

Severity: 6.5 | MEDIUM

CVE ID : CVE-2025-40566

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions

Severity: 8.8 | HIGH

CVE ID : CVE-2025-40571

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions

Severity: 2.2 | LOW

CVE ID : CVE-2025-40572

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical resources. This could allow a non-privileged local attacker to access sensitive information stored on the device.

Severity: 5.5 | MEDIUM

CVE ID : CVE-2025-40573

Published : May 13, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder.

Severity: 4.4 | MEDIUM
