3 matches found
CVE-2025-63223
The Axel Technology StreamerMAX MK II devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...
Axel StreamerMAX MK II 安全漏洞
Axel StreamerMAX MK II is an audio codec device from Axel Italy. A security vulnerability exists in the Axel StreamerMAX MK II versions 0.8.5 through 1.0.3, which stems from a lack of authentication in the /cgi-bin/gstFcgi.fcgi endpoint, and could lead to a full crack of the device...
CVE-2025-63223
The CVE-2025-63223 entry affects Axel Technology StreamerMAX MK II firmware versions 0.8.5–1.0.3. The root cause is Broken Access Control caused by missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint, allowing unauthenticated remote attackers to list user accounts, create new administrat...