CVE-2025-63213

The QVidium Opera11 device firmware version 2.9.0-Ax4x-opera11 is vulnerable to Remote Code Execution RCE due to improper input validation on the /cgi-bin/netping.cgi endpoint. An attacker can exploit this vulnerability by sending a specially crafted GET request with a malicious parameter to inje...

QVidium Opera11 安全漏洞

QVidium Opera11 is a broadcast codec device from QVidium Corporation, USA. A security vulnerability exists in QVidium Opera11 version 2.9.0-Ax4x-opera11, which originates from improper validation of /cgi-bin/netping.cgi endpoint inputs and could lead to remote code execution...

PT-2025-47525

Name of the Vulnerable Software and Affected Versions QVidium Opera11 firmware version 2.9.0-Ax4x-opera11 Description The QVidium Opera11 device is susceptible to Remote Code Execution RCE because of inadequate input validation. An attacker can exploit this by sending a crafted GET request to the...

CVE-2025-63213

The CVE-2025-63213 issue affects QVidium Opera11 firmware 2.9.0-Ax4x-opera11. The vulnerability is an RCE caused by improper input validation on /cgi-bin/net_ping.cgi, allowing a crafted GET request to inject commands that execute with root privileges. Impact is full device control as described i...