Lucene search
K

59 matches found

CVE
CVE
added 2025/12/28 10:32 a.m.14 views

CVE-2025-15132

Summary: CVE-2025-15132 affects ZSPACE Z4Pro+ 1.0.0440024. The vulnerable component is the HTTP POST Request Handler, specifically the function zfilev2_api_open in the file path /v2/file/safe/open. This manipulation enables command injection and can be triggered remotely. Public disclosure of the...

8.8CVSS6.6AI score0.06692EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/12/28 10:15 a.m.3 views

CVE-2025-15131

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

8.8CVSS5.5AI score0.06828EPSS
Exploits1References4
NVD
NVD
added 2025/12/28 10:15 a.m.5 views

CVE-2025-15131

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

8.8CVSS0.06828EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 10:2 a.m.4 views

CVE-2025-15131 ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_SafeStatus command injection

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

6.5CVSS6.3AI score0.06828EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 10:2 a.m.21 views

CVE-2025-15131 ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_SafeStatus command injection

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

6.5CVSS0.06828EPSS
Exploits1References4
CVE
CVE
added 2025/12/28 10:2 a.m.13 views

CVE-2025-15131

Affects ZSPACE Z4Pro+ (version 1.0.0440024). The vulnerability is in the HTTP POST Request Handler, specifically the zfilev2_api_SafeStatus function at /v2/file/safe/status, enabling remote command injection. Exploit public. Impact includes potential arbitrary commands execution; confidentiality,...

8.8CVSS6.5AI score0.06828EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.4 views

PT-2025-53646

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A command injection issue exists in ZSPACE Z4Pro+. The issue is located within the HTTP POST Request Handler component, specifically in the zfilev2 api SafeStatus function accessible via the...

6.5CVSS7.6AI score0.06828EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.5 views

PT-2025-53648

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A command injection issue exists in ZSPACE Z4Pro+. The affected component is the HTTP POST Request Handler, specifically within the zfilev2 api CloseSafe function located in the file...

6.5CVSS7.2AI score0.06882EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/12/28 12:0 a.m.5 views

ZSPACE Z4Pro+ 命令注入漏洞

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misuse of the function zfilev2apiSafeStatus in the file /v2/file/safe/status, which could lead to command injection...

8.8CVSS6.8AI score0.06828EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.6 views

PT-2025-53647

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A flaw exists in ZSPACE Z4Pro+ that allows for command injection. The issue is located within the zfilev2 api open function, accessible through the /v2/file/safe/open endpoint of the HTTP POST...

6.5CVSS6.9AI score0.06692EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/28 12:0 a.m.4 views

ZSPACE Z4Pro+ 命令注入漏洞

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misbehavior of the function zfilev2apiCloseSafe in the file /v2/file/safe/close, which could lead to command injecti...

8.8CVSS6.8AI score0.06882EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/28 12:0 a.m.5 views

ZSPACE Z4Pro+ 命令注入漏洞

ZSPACE Z4Pro+ is a private cloud storage device from China's ZSPACE ZSPACE company. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misbehavior of the function zfilev2apiopen in the file /v2/file/safe/open, which could lead to command injecti...

8.8CVSS6.8AI score0.06692EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/08 12:15 p.m.17 views

CVE-2025-14108

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safedir causes command injection. It is possible to initiate...

9CVSS8.6AI score0.09394EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/06 9:37 p.m.15 views

CVE-2025-14106

A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safedir leads to command injection. The attack is possible to be carried o...

9CVSS8.6AI score0.10859EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/06 9:37 p.m.11 views

CVE-2025-14107

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...

9CVSS8.5AI score0.10962EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/06 12:31 a.m.5 views

EUVD-2025-201503

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...

9CVSS6.3AI score0.10962EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/06 12:31 a.m.7 views

EUVD-2025-201501

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safedir causes command injection. It is possible to initiate...

9CVSS6.4AI score0.09394EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/06 12:31 a.m.4 views

EUVD-2025-201502

A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safedir leads to command injection. The attack is possible to be carried o...

9CVSS6.4AI score0.10859EPSS
Exploits1References5
OSV
OSV
added 2025/12/05 10:15 p.m.3 views

CVE-2025-14108

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safedir causes command injection. It is possible to initiate...

8.7CVSS5.7AI score0.09394EPSS
Exploits1References4
OSV
OSV
added 2025/12/05 10:15 p.m.4 views

CVE-2025-14107

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...

8.7CVSS5.5AI score
Exploits0References4
Rows per page
Query Builder