692 matches found
CVE-2025-14432 Poly Video - Sensitive Data Might Be Written to Log File
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...
PT-2025-51682
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...
D-Link DAP-1325 访问控制错误漏洞
The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link, which is primarily used to provide wireless network coverage and has a bridging function to convert a wired network to a wireless network or connect two wireless networks together. An access control error vulnerability...
CVE-2025-41746
An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...
CVE-2025-41748
An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41752
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
EUVD-2025-201901
An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41748
An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41750
An XSS vulnerability in pxcPortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41752
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41751
An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41749
An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41749
An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41747
An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...
CVE-2025-41745
An XSS vulnerability in pxcportCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-leve...
CVE-2025-41695
An XSS vulnerability in dynconn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41745
CVE-2025-41745 describes an XSS in pxc_portCntr2.php that allows an unauthenticated attacker to trick an authenticated user into sending a manipulated POST to modify web-based management parameters. The vulnerability affects devices exposing the pxc_portCntr2.php page within their web management ...
CVE-2025-41746 Reflected XSS vulnerability in pxc_portSecCfg.php
An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...
CVE-2025-41746
CVE-2025-41746 is a reflected XSS vulnerability in pxc_portSecCfg.php (pxc_portSecCfg.php/pxc portSecCfg.php as reported) that an unauthenticated attacker could leverage to induce an authenticated user to submit a manipulated POST request to change device configuration via the web UI. The issue i...
CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php
An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...