3 matches found
CVE-2025-63223
The Axel Technology StreamerMAX MK II devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...
CVE-2025-63223
The CVE-2025-63223 entry affects Axel Technology StreamerMAX MK II firmware versions 0.8.5–1.0.3. The root cause is Broken Access Control caused by missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint, allowing unauthenticated remote attackers to list user accounts, create new administrat...
Axel StreamerMAX MK II 安全漏洞
Axel StreamerMAX MK II is an audio codec device from Axel Italy. A security vulnerability exists in the Axel StreamerMAX MK II versions 0.8.5 through 1.0.3, which stems from a lack of authentication in the /cgi-bin/gstFcgi.fcgi endpoint, and could lead to a full crack of the device...