Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

7 matches found

EUVD
EUVDโ€ขadded 2025/12/28 12:30 p.m.โ€ข1 views

EUVD-2025-205507

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.6AI score0.00244EPSS
Exploits1References5
Vulnrichment
Vulnrichmentโ€ขadded 2025/12/28 11:2 a.m.โ€ข2 views

CVE-2025-15133 ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_CloseSafe command injection

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.5AI score0.00244EPSS
Exploits1References4
Cvelist
Cvelistโ€ขadded 2025/12/28 10:32 a.m.โ€ข18 views

CVE-2025-15132 ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS0.00244EPSS
Exploits1References4
CVE
CVEโ€ขadded 2025/12/28 10:32 a.m.โ€ข9 views

CVE-2025-15132

Summary: CVE-2025-15132 affects ZSPACE Z4Pro+ 1.0.0440024. The vulnerable component is the HTTP POST Request Handler, specifically the function zfilev2_api_open in the file path /v2/file/safe/open. This manipulation enables command injection and can be triggered remotely. Public disclosure of the...

8.8CVSS6.6AI score0.00244EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDโ€ขadded 2025/12/28 12:0 a.m.โ€ข2 views

ZSPACE Z4Pro+ ๅ‘ฝไปคๆณจๅ…ฅๆผๆดž

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misbehavior of the function zfilev2apiCloseSafe in the file /v2/file/safe/close, which could lead to command injecti...

8.8CVSS6.8AI score0.00244EPSS
Exploits1References5
CNNVD
CNNVDโ€ขadded 2025/12/28 12:0 a.m.โ€ข2 views

ZSPACE Z4Pro+ ๅ‘ฝไปคๆณจๅ…ฅๆผๆดž

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misuse of the function zfilev2apiSafeStatus in the file /v2/file/safe/status, which could lead to command injection...

8.8CVSS6.8AI score0.00244EPSS
Exploits1References5
Positive Technologies
Positive Technologiesโ€ขadded 2025/12/28 12:0 a.m.โ€ข3 views

PT-2025-53646

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A command injection issue exists in ZSPACE Z4Pro+. The issue is located within the HTTP POST Request Handler component, specifically in the zfilev2 api SafeStatus function accessible via the...

6.5CVSS7.6AI score0.00244EPSS
Exploits1References9
Rows per page
Query Builder