Lucene search
+L

5 matches found

nvd
nvd
added 2025/02/11 10:15 a.m.10 views

CVE-2025-26411

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web...

8.8CVSS0.00677EPSS
Exploits1References3
circl
circl
added 2025/02/11 9:27 a.m.8 views

CVE-2025-26411

creationtimestamp| type| source ---|---|--- 2025-02-11 09:27:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113984541162452285 2025-02-11 10:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvgimlhwp2x 2025-02-11 16:48:30+00:00| seen|...

8.8CVSS8.7AI score0.00677EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/02/11 9:21 a.m.10 views

CVE-2025-26411 Authenticated Arbitrary Python File Upload via Plugin Manager

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web...

8.7AI score0.00677EPSS
Exploits1References2
cvelist
cvelist
added 2025/02/11 9:21 a.m.22 views

CVE-2025-26411 Authenticated Arbitrary Python File Upload via Plugin Manager

An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web...

0.00677EPSS
Exploits1References2
cve
cve
added 2025/02/11 9:21 a.m.586 views

CVE-2025-26411

Wattsense Bridge devices are affected by CVE-2025-26411 through the web interface Plugin Manager. An authenticated attacker with a valid Wattsense web account can upload malicious Python files to the device, enabling remote root access. The vulnerability is tied to the Plugin Manager functionalit...

8.8CVSS8.5AI score0.00677EPSS
Exploits1References3
Rows per page
Query Builder