22 matches found
EUVD-2025-29082
Malicious code in bioql PyPI...
EUVD-2025-29079
Malicious code in bioql PyPI...
EUVD-2025-29083
Malicious code in bioql PyPI...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45585
Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
PT-2025-37348
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 affected versions not specified Description: The web service contains an incorrect access control configuration, allowing attackers to download car information without authentication. Recommendation...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2025-37351
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 Description: A stack overflow in the FTP service allows attackers to cause a Denial of Service DoS via a crafted input. Recommendations: At the moment, there is no information about a newer version...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-45586
CVE-2025-45586 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The issue allows an attacker to arbitrarily overwrite files by sending a crafted PUT request. The connected sources consistently describe a file overwrite condition via a crafted PUT to the affected application, but do not provid...
CVE-2025-45583
CVE-2025-45583 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The vulnerability is an improper access control in the FTP protocol that allows an attacker to authenticate to the service using any username/password combination. CVSS metrics in the provided records indicate a CRITICAL base sco...
CVE-2025-45587
CVE-2025-45587 describes a stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 that allows attackers to cause a Denial of Service (DoS) via a crafted input. Affected component is the FTP service; root cause is a stack overflow. Documented impact: availability impact h...
CVE-2025-45584
The CVE-2025-45584 entry concerns Audi UTR 2.0 Universal Traffic Recorder 2.0. The vulnerability is described as an incorrect access control in the web service, enabling attackers to download car information without authentication. CVSS v3.1 base metrics indicate high impact on confidentiality (C...
PT-2025-37347
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 affected versions not specified Description: An incorrect access control issue exists in the FTP protocol. This allows attackers to authenticate to the service using any combination of username and...
CVE-2025-30118
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only...
CVE-2025-30118
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only...
CVE-2025-2555
A vulnerability classified as problematic has been found in Audi Universal Traffic Recorder App 2.0. Affected is an unknown function of the component FTP Credentials. The manipulation leads to use of hard-coded password. Attacking locally is a requirement. The complexity of an attack is rather...