CVE-2025-46661

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier...

CVE-2025-46661

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier...

CVE-2025-46661

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier...

CVE-2025-46661

IPW Systems Metazo up to version 8.1.3 is affected by unauthenticated Remote Code Execution via Server-Side Template-Injection through smartyValidator.php. The issue affects versions 8.1.3 and earlier; all instances have been patched by the supplier. CVSS metrics shown in sources indicate a criti...

CVE-2025-46661

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier...

PT-2025-18069 · Ipw Systems · Ipw Systems Metazo

Name of the Vulnerable Software and Affected Versions: IPW Systems Metazo versions 8.1.3 and earlier Description: The issue allows for unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, also known as Server-Side...

IPW Systems Metazo 安全漏洞

IPW Systems Metazo is an industrial IoT gateway solution from IPW Systems that enables data collection, processing and transmission between field devices and IT systems. A security vulnerability exists in IPW Systems Metazo version 8.1.3 and earlier, which stems from the fact that...