EUVD-2025-208690

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

PT-2025-31946

Name of the Vulnerable Software and Affected Versions Jointelli 5G CPE 21H01 firmware version 1.36 Description Jointelli 5G CPE 21H01 firmware version 1.36 contains a blind OS command injection issue. Multiple API endpoints are vulnerable, including /ubus/?flag=set WPS pin, /ubus/?flag=netAppStar...