8 matches found
CVE-2025-57457
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...
CVE-2025-57457
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...
EUVD-2025-33285
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...
CVE-2025-57457
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...
CVE-2025-57457
CVE-2025-57457 affects Curo UC300 (5.42.1.7.1.63R1). The Admin panel exposes an OS command injection via the IP Addr parameter, enabling local attackers to inject arbitrary OS commands. Root cause is unvalidated/unsanitized input in the IP Addr field. Impact is high: potential confidentiality, in...
Curo UC300 安全漏洞
Curo UC300 is a video phone device from Curo UK. A security vulnerability exists in Curo UC300 version 5.42.1.7.1.63R1, which stems from an unvalidated IP Addr parameter that could lead to an OS command injection attack...
CVE-2025-57457
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter...
PT-2025-41301
Name of the Vulnerable Software and Affected Versions Curo UC300 version 5.42.1.7.1.63R1 Description A flaw exists within the Admin panel that permits local attackers to inject arbitrary OS Commands. The injection occurs through the IP Addr parameter. Recommendations At the moment, there is no...