20 matches found
CVE-2025-63210
The Newtec Celox UHD models: CELOXA504, CELOXA820 running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserNa...
CVE-2025-63210
The Newtec Celox UHD models: CELOXA504, CELOXA820 running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserNa...
Newtec Celox UHD CELOXA504和Newtec Celox UHD CELOXA820 安全漏洞
The Newtec Celox UHD CELOXA504 and Newtec Celox UHD CELOXA820 are both a broadcast video processing and transmission platform from Newtec Corporation, USA. A security vulnerability exists in the Newtec Celox UHD CELOXA504 and Newtec Celox UHD CELOXA820 celox-21.6.13 releases, which stems from an...
CVE-2025-63210
The Newtec Celox UHD models: CELOXA504, CELOXA820 running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserNa...
CVE-2025-63210
The CVE-2025-63210 affects Newtec Celox UHD devices CELOXA504 and CELOXA820 running celox-21.6.13. The vulnerability is an authentication bypass where an attacker can modify intercepted responses from the /celoxservice endpoint during loginWithUserName, injecting a forged response body to gain Su...
EUVD-2024-51635
Malicious code in bioql PyPI...
EUVD-2024-51636
Malicious code in bioql PyPI...
CVE-2024-13502
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM allows Local Code Inclusion.This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The commitmulticast pa...
CVE-2024-13503
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
CVE-2024-13503
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
CVE-2024-13502
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM allows Local Code Inclusion.This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The commitmulticast pa...
CVE-2024-13502
CVE-2024-13502 affects Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM. The issue is an OS command injection caused by improper neutralization: the commit_multicast web interface page passes untrusted input to an eval in a bash script, enabling arbitrary shell commands (Local Code...
CVE-2024-13503
CVE-2024-13503 affects Newtec NTC2218, NTC2250 and NTC2299 on Linux (PowerPC/ARM). A stack buffer overflow in the swdownload binary is caused by an unrestricted sscanf in the parse_INFO function, reading an incoming network packet into a fixed-size buffer. This leads to arbitrary code execution w...
CVE-2024-13503 Stack-Based Buffer Overflow in Newtec's update signaling causes RCE
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
CVE-2024-13503 Stack-Based Buffer Overflow in Newtec's update signaling causes RCE
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299 操作系统命令注入漏洞
The Newtec/iDirect NTC2218 and others are a modem from Newtec/iDirect. An operating system command injection vulnerability exists in the Newtec/iDirect NTC2218, Newtec/iDirect NTC2250, and Newtec/iDirect NTC2299, which stems from an unsatisfactory neutralization of a special element that results ...
PT-2025-2193 · Newtec · Newtec Ntc2299 +2
Name of the Vulnerable Software and Affected Versions: Newtec NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: A buffer overflow issue in the swdownload binary allows attackers to execute arbitrary code. The parse INFO function uses an unrestricted sscanf to read a string ...
PT-2025-2192 · Newtec · Newtec/Idirect Ntc2299 +2
Name of the Vulnerable Software and Affected Versions: Newtec/iDirect NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: The issue affects the commit multicast page in the modem's web administration interface, which improperly parses incoming data from the request before...
Newtec Satellite Modem MDM6000 2.2.5 Cross Site Scripting
Newtec Satellite Modem MDM6000 2.2.5 Cross-Site Scripting Vulnerability Vendor: Newtec Cy N.V. Product web page: http://www.newtec.eu Affected version: 2.2.5.67852 2.2.4.64193 1.3.8.56435 Summary: The MDM6000 modem is typically installed at both ends of a point-to-point satellite link or at the...
Newtec Satellite Modem MDM6000 2.2.5 Cross-Site Scripting Vulnerability
Summary The MDM6000 modem is typically installed at both ends of a point-to-point satellite link or at the remote sites of a star network. The unit can work as a modulator, demodulator or modem depending on the network configuration and integrates seamlessly with terrestrial IP networks and...