CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Vulnrichment•added 2025/12/24 7:28 p.m.•2 views

CVE-2019-25254 KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

8.8CVSS6.4AI score0.00012EPSS

Exploits2References3

Positive Technologies•added 2025/12/24 12:0 a.m.•3 views

PT-2025-53340

Name of the Vulnerable Software and Affected Versions KYOCERA Net Admin version 3.4.0906 Description The software contains a cross-site request forgery condition that permits attackers to create administrative users without sufficient request validation. An attacker can construct malicious web...

5.3CVSS6.4AI score0.00012EPSS

Exploits2References5

CNNVD•added 2025/12/24 12:0 a.m.•5 views

KYOCERA Net Admin 安全漏洞

KYOCERA Net Admin is an enterprise-level device management platform from KYOCERA, Inc. A security vulnerability exists in KYOCERA Net Admin version 3.4.0906, which stems from the mishandling of XML files by the Multi-Set Template Editor, which could lead to an XML external entity injection attack...

7.5CVSS7.1AI score0.00019EPSS

Exploits2References3