22 matches found
CVE-2026-24348
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users...
CVE-2026-24344
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...
CVE-2026-24347
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...
CVE-2026-24348
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users...
CVE-2026-24345
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI...
EUVD-2026-4838
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users...
CVE-2026-24347 Arbitrary file write to /tmp directory in EZCast Pro II Dongle
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...
CVE-2026-24346
CVE-2026-24346 affects EZCast Pro II Admin UI. The issue is the use of well-known default credentials in Admin UI of EZCast Pro II, version 1.17478.146, which can allow attackers to access protected areas of the web application. Root cause: default credentials remain unchanged in the Admin UI, en...
CVE-2026-24345 Cross-Site Request Forgery in EZCast Pro II Dongle
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI...
CVE-2026-24345
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI...
EUVD-2026-4822
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI...
EUVD-2026-4842
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...
EZCast Pro II security vulnerabilities
EZCast Pro II is a computer screen-sharing software developed by EZCast Corporation in China. This software allows for wireless sharing of data from computer devices onto televisions or projection screens. EZCast Pro supports screen allocation and projection permissions. Version 1.17478.146 of...
PT-2026-4880
Name of the Vulnerable Software and Affected Versions EZCast Pro II version 1.17478.146 Description A Cross-Site Request Forgery exists in the Admin UI. This allows attackers to bypass authorization checks and gain full access to the admin UI. Recommendations Update to a newer version that contai...
PT-2026-4907
Name of the Vulnerable Software and Affected Versions EZCast Pro II version 1.17478.146 Description The Admin UI of EZCast Pro II contains cross-site scripting flaws. Successful exploitation allows attackers to execute arbitrary JavaScript code within the browser of other Admin UI users...
CVE-2025-13955
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...
CVE-2025-13955
CVE-2025-13955 describes a vulnerability in EZCast Pro II dongle (software version 1.17478.146) where the Wi‑Fi access point password is predictable. Attackers within Wi‑Fi range can deduce the default password from observable device identifiers, granting access to the dongle. The vulnerability i...
CVE-2025-13955 Predictable Default Wi-Fi Password in EZCast Pro II Dongle
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...
CVE-2025-13954
Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...
CVE-2025-13954
Summary: EZCast Pro II Admin UI (version 1.17478.146) exposes hard-coded cryptographic keys, allowing bypass of authorization checks and granting full admin UI access. Affected product/component: EZCast Pro II Admin UI. Root cause: hard-coded cryptographic keys in the Admin UI. Impact: unauthoriz...