Cisco Integrated Management Controller Virtual Keyboard Video Monitor Stored XSS (cisco-sa-ucs-kvmsxss-6h7AnUyk)

According to its self-reported version, Cisco Integrated Management Controller Virtual Keyboard Video Monitor Stored Cross-Site Scripting is affected by a vulnerability. - A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC...

CVE-2025-20342

A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is...

CVE-2025-20317

Cisco CVE-2025-20317 affects the Integrated Management Controller (IMC) and the vKVM component (also in Cisco UCS Manager). The issue is an open redirect caused by insufficient verification of vKVM endpoints, allowing an unauthenticated, remote attacker to persuade a user to click a crafted link ...

CVE-2025-20342 Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting Vulnerability

A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is...

CVE-2025-20342

Cisco IMC vKVM stored XSS (CVE-2025-20342) arises from insufficient input validation in the web-based management interface. An authenticated user with vKVM privileges can inject code via a data field, potentially executing script in the interface context or exposing browser data. Affected product...

CVE-2025-20342 Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting Vulnerability

A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is...

Cisco Integrated Management Controller Virtual Keyboard Video Monitor Open Redirect Vulnerability

A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification of vKVM endpoints. An...

PT-2025-34894

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC affected versions not specified Description: A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling could allow an unauthenticated, remote attacker to redirect a user to a...

Daycare Webcam Service Exposes 12,000 User Accounts

NurseryCam, a webcam service used across 40 daycare centers in the U.K. by parents who want to keep a watchful eye on their babies, has shut down following a data breach. The breach exposed the personal data of about 12,000 users to an attacker who said he or she was trying to improve the service...

Lens Peek-a-View Elevation of Privilege Vulnerability

Lens Peek-a-View is a video monitoring device for babies. An elevation of privilege vulnerability exists in Lens Peek-a-View. An attacker can exploit this vulnerability to gain root privileges...

iBaby M6 Information Disclosure Vulnerability

The iBaby M6 is a video monitoring device for babies. An information disclosure vulnerability exists in iBaby M6. A remote attacker can exploit this vulnerability to obtain sensitive information...