PT-2025-36738

Name of the Vulnerable Software and Affected Versions: TecCom TecConnect version 4.1 Description: The OpenMessaging webservice in TecCom TecConnect version 4.1 contains a blind XML External Entity XXE injection. This allows an unauthenticated attacker to exfiltrate arbitrary files to an...