Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/25 8:48 p.m.5 views

CVE-2025-2764

CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit...

8CVSS7.7AI score0.00233EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/23 4:48 p.m.25 views

CVE-2025-2764 CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability

CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit...

8CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 4:48 p.m.56 views

CVE-2025-2764

The CVE-2025-2764 entry concerns CarlinKit CPC200-CCPA, specifically the update.cgi handler. The flaw is improper verification of cryptographic signatures on update packages, allowing code execution in the root context when a package is processed. Exploitation is described as network-adjacent wit...

8CVSS8.2AI score0.00233EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/03/25 4:0 a.m.5 views

CVE-2025-2764

creationtimestamp| type| source ---|---|--- 2025-03-25 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-178/ 2025-04-23 19:48:33+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114389005957491891 2025-04-23 20:14:31+00:00| seen|...

8CVSS7.8AI score0.00233EPSS
Exploits0References4
Rows per page
Query Builder