26 matches found
EUVD-2025-7161
Malicious code in bioql PyPI...
EUVD-2025-7154
Malicious code in bioql PyPI...
EUVD-2025-29079
Malicious code in bioql PyPI...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45585
Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-45585
Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
CVE-2025-45585
Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...
PT-2025-37349
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder version 2.0 Description: The software contains multiple stored cross-site scripting XSS vulnerabilities. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the wifi...
Audi UTR 2.0 安全漏洞
Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which originates from improper access control of the FTP protocol, which allows an attacker to authenticate using any combination of username and password...
CVE-2025-45586
CVE-2025-45586 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The issue allows an attacker to arbitrarily overwrite files by sending a crafted PUT request. The connected sources consistently describe a file overwrite condition via a crafted PUT to the affected application, but do not provid...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-2557
A vulnerability, which was classified as critical, has been found in Audi UTR Dashcam 2.0. Affected by this issue is some unknown functionality of the component Command API. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has...
CVE-2025-2556
A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to hard-coded credentials. The attack can only be initiated within the local network. The exploit h...
CVE-2025-2557
A vulnerability, which was classified as critical, has been found in Audi UTR Dashcam 2.0. Affected by this issue is some unknown functionality of the component Command API. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has...
CVE-2025-2557 Audi UTR Dashcam Command API access control
A vulnerability, which was classified as critical, has been found in Audi UTR Dashcam 2.0. Affected by this issue is some unknown functionality of the component Command API. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has...
CVE-2025-2557
CVE-2025-2557 affects Audi UTR Dashcam 2.0, specifically the Command API component, with an underlying issue of improper access controls. The vulnerability requires local-network access, and public disclosures of the exploit are noted in sources. Remediation exists: upgrade to version 2.89 (new c...