27 matches found
CVE-2025-15083
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...
CVE-2025-15082
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/procpost of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The...
EUVD-2025-205382
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/procpost of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The...
EUVD-2025-205381
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...
CVE-2025-15083
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...
CVE-2025-15083
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...
CVE-2025-15083 TOZED ZLT M30s UART on-chip debug and test interface with improper access control
A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...
CVE-2025-15083
TOZED ZLT M30s devices (
CVE-2025-15082
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/procpost of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The...
CVE-2025-15082
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/procpost of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The...
CVE-2025-15082 TOZED ZLT M30s Web Management proc_post information disclosure
A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/procpost of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The...
CVE-2025-15082
The CVE-2025-15082 entry concerns TOZED ZLT M30s (versions up to 1.47) with a vulnerability in the Web Management Interface. The root cause is manipulation of the goformId argument in the /reqproc/proc_post function, leading to information disclosure. Exploitation can be performed remotely, and p...
PT-2025-53406
Name of the Vulnerable Software and Affected Versions TOZED ZLT M30s versions up to 1.47 Description A flaw exists in TOZED ZLT M30s up to version 1.47 related to the UART Interface component. Manipulation of an unknown function within this component can lead to improper access control to the...
TOZED ZLT M30S 安全漏洞
TOZED ZLT M30S is a mobile WiFi router from China's Tongze Kangwei TOZED. A security vulnerability exists in TOZED ZLT M30S version 1.47 and earlier, which stems from the presence of an improperly access-controlled on-chip debug and test interface in the UART Interface component, which could lead...
PT-2025-53405
Name of the Vulnerable Software and Affected Versions TOZED ZLT M30s versions up to 1.47 Description A flaw exists in TOZED ZLT M30s, specifically within the Web Management Interface component. Manipulation of the goformId argument in a request to the /reqproc/proc post file can lead to informati...
CVE-2025-14105
A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/procpost of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOTDEVICE can lead to denial of service. The attack can...
CVE-2025-14126
A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the publi...
EUVD-2025-201542
A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the publi...
CVE-2025-14126 TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials
A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the publi...
CVE-2025-14126
The CVE-2025-14126 affects TOZED ZLT M30S and ZLT M30S PRO devices (versions 1.47 and 3.09.06) where a vulnerability exists in the Web Interface component that leads to hard-coded credentials being exposed. This requires local-network access and is supported by multiple sources in the Connected d...