19 matches found
EUVD-2025-21440
Malicious code in bioql PyPI...
EUVD-2025-21451
Malicious code in bioql PyPI...
EUVD-2025-21450
Malicious code in bioql PyPI...
CVE-2025-52378
Cross-Site Scripting XSS vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICEALIAS parameter to the...
CVE-2025-52378
Cross-Site Scripting XSS vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICEALIAS parameter to the...
CVE-2025-52377
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the...
CVE-2025-52377
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the...
PT-2025-29565 · Nexxt Solutions · Nexxt Solutions Ncm-X1800 Mesh Router
Name of the Vulnerable Software and Affected Versions: Nexxt Solutions NCM-X1800 Mesh Router firmware versions prior to UV1.2.7 Description: Nexxt Solutions NCM-X1800 Mesh Router firmware contains an authenticated command injection issue in the firmware update feature. The /web/um fileName set.cg...
Nexxt Solutions NCM-X1800 操作系统命令注入漏洞
The Nexxt Solutions NCM-X1800 is a router from Nexxt Solutions. A security vulnerability exists in the Nexxt Solutions NCM-X1800 UV1.2.7 and earlier versions, which stems from a command injection vulnerability in the firmware update feature that could lead to remote code execution...
CVE-2025-52378
Cross-Site Scripting XSS vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICEALIAS parameter to the...
CVE-2025-52378
Cross-Site Scripting XSS vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICEALIAS parameter to the...
CVE-2025-52377
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the...
PT-2025-29559 · Nexxt Solutions · Ncm-X1800 Mesh Router
Name of the Vulnerable Software and Affected Versions: Nexxt Solutions NCM-X1800 Mesh Router firmware versions UV1.2.7 and below Description: An authentication bypass exists in the /web/um open telnet.cgi endpoint. This bypass allows an attacker to remotely enable the Telnet service without...
Nexxt Solutions NCM-X1800 安全漏洞
The Nexxt Solutions NCM-X1800 is a router from Nexxt Solutions. A security vulnerability exists in the Nexxt Solutions NCM-X1800 UV1.2.7 and earlier versions, which stems from an authentication bypass that could lead to remote enablement of Telnet services...
PT-2025-29563 · Nexxt Solutions · Ncm-X1800 Mesh Router
Name of the Vulnerable Software and Affected Versions: Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below Description: A command injection issue exists in the web management interface's ping and traceroute functionality of the Nexxt Solutions NCM-X1800 Mesh Router. The application...
CVE-2025-52379
Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/umfileNameset.cgi and /web/umwebupgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated...
CVE-2025-52377
CVE-2025-52377 affects Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and earlier. The vulnerability is in the web management interface’s ping/traceroute endpoints (/web/um_ping_set.cgi) where the Ping_host_text input is not properly sanitized before it reaches the underlying system comma...
CVE-2025-52378
Summary: CVE-2025-52378 is a stored XSS vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and earlier. The flaw arises from insufficient sanitization of the DEVICE_ALIAS input used by the /web/um_device_set_aliasname endpoint, enabling an attacker to inject JavaScript that r...
Exploit for CVE-2025-52376
Nexxt Solutions NCM-X1800 Mesh Router Vulnerabilities CVE-202...