CVE-2025-57457

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...

CVE-2025-57457

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...

Curo UC300 安全漏洞

Curo UC300 is a video phone device from Curo UK. A security vulnerability exists in Curo UC300 version 5.42.1.7.1.63R1, which stems from an unvalidated IP Addr parameter that could lead to an OS command injection attack...

CVE-2025-57457

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...

EUVD-2025-33285

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...

PT-2025-41301

Name of the Vulnerable Software and Affected Versions Curo UC300 version 5.42.1.7.1.63R1 Description A flaw exists within the Admin panel that permits local attackers to inject arbitrary OS Commands. The injection occurs through the IP Addr parameter. Recommendations At the moment, there is no...

CVE-2025-57457

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...

CVE-2025-57457

CVE-2025-57457 affects Curo UC300 (5.42.1.7.1.63R1). The Admin panel exposes an OS command injection via the IP Addr parameter, enabling local attackers to inject arbitrary OS commands. Root cause is unvalidated/unsanitized input in the IP Addr field. Impact is high: potential confidentiality, in...