CVE-2025-60956

Cross Site Request Forgery CSRF vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information...

CVE-2025-60967

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information...

CVE-2025-60965

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts...

CVE-2025-60967

Cross Site Scripting XSS vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information...

PT-2025-40922

Name of the Vulnerable Software and Affected Versions EndRun Technologies Sonoma D12 Network Time Server GPS version 4.00 Description A Cross Site Request Forgery CSRF flaw exists in EndRun Technologies Sonoma D12 Network Time Server GPS. Successful exploitation could allow attackers to execute...

CVE-2025-60958

EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 4.00 (6010-0071-000) is affected by a Cross Site Scripting (XSS) vulnerability. The issue could lead to disclosure of sensitive information. The Tenable.ot/Nessus and other feeds confirm XSS in the D12 appliance; no patch/version r...