5 matches found
CVE-2025-60739
CVE-2025-60739 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Ilevia EVE X1 Server Firmware versions prior to v4.7.18.0.eden and Ilevia EVE Logic prior to v6.00 - 2025_07_21. The issue is exploitable through the /bh_web_backend component, enabling a remote attacker to execute arbi...
CVE-2025-60739
Cross Site Request Forgery CSRF vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before, Logic Version v6.00 - 20250721 allows a remote attacker to execute arbitrary code via the /bhwebbackend component...
PT-2025-48040
Name of the Vulnerable Software and Affected Versions Ilevia EVE X1 Server Firmware versions prior to v4.7.18.0.eden Ilevia EVE Logic versions prior to v6.00 - 2025 07 21 Description A Cross Site Request Forgery CSRF issue exists in the /bh web backend component. This allows a remote attacker to...
CVE-2025-60738
An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 20250721 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters...
CVE-2025-60738
An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 20250721 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters...