CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

RedhatCVE•added 2026/02/17 1:27 p.m.•2 views

CVE-2026-2550

A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function commitvpnclifileupload of the file /cgi/timepro.cgi. The manipulation results in unrestricted upload. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was...

10CVSS5.2AI score0.0006EPSS

Exploits0References1

EUVD•added 2026/02/16 12:30 p.m.•5 views

EUVD-2026-6098

10CVSS5.2AI score0.0006EPSS

Exploits0References5

Vulnrichment•added 2026/02/16 10:2 a.m.•2 views

CVE-2026-2550 EFM iptime A6004MX timepro.cgi commit_vpncli_file_upload unrestricted upload

10CVSS5.2AI score0.0006EPSS

Exploits0References4

CVE•added 2026/02/16 10:2 a.m.•16 views

CVE-2026-2550

The CVE-2026-2550 entry concerns EFM iptime A6004MX (v14.18.2). Affected is the function commit_vpncli_file_upload in /cgi/timepro.cgi, which enables unrestricted file upload. Exploitation is possible remotely and publicly disclosed. Public references from multiple sources corroborate the unrestr...

10CVSS7.9AI score0.0006EPSS

Exploits0References4

RedhatCVE•added 2026/02/03 3:11 a.m.•3 views

CVE-2026-1740

A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpconchecksessionurl of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has...

9.8CVSS5AI score0.00096EPSS

Exploits0References1

OSV•added 2026/02/02 4:15 a.m.•0 views

CVE-2026-1740

9.8CVSS5.3AI score0.00096EPSS

Exploits0References4

Cvelist•added 2026/02/02 3:32 a.m.•27 views

CVE-2026-1742 EFM ipTIME A8004T VPN Service timepro.cgi commit_vpncli_file_upload unrestricted upload

A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commitvpnclifileupload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit i...

5.8CVSS0.00014EPSS

Exploits0References4

CVE•added 2026/02/02 3:32 a.m.•8 views

CVE-2026-1742

CVE-2026-1742 affects EFM ipTIME A8004T 14.18.2. The vulnerable component is the VPN Service function commit_vpncli_file_upload in the file /cgi/timepro.cgi , enabling unrestricted upload via remote access. An exploit is publicly available; vendor response is not provided in the documents.

7.2CVSS5.6AI score0.00014EPSS

Exploits0References4Affected Software1

CVE•added 2026/02/02 2:32 a.m.•8 views

CVE-2026-1740

CVE-2026-1740 affects EFM ipTIME A8004T 14.18.2; the flaw is in httpcon_check_session_url inside /cgi/timepro.cgi in the Hidden login/setup interface, enabling remote improper authentication. Exploits are public per the sources; vendor did not respond to disclosure. Mitigation noted in PT-2026-55...

9.8CVSS6.7AI score0.00096EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/02/02 2:32 a.m.•30 views

CVE-2026-1740 EFM ipTIME A8004T Hidden Hiddenloginsetup timepro.cgi httpcon_check_session_url improper authentication

7.5CVSS0.00096EPSS

Exploits0References4

Vulnrichment•added 2026/02/02 2:32 a.m.•1 views

CVE-2026-1740 EFM ipTIME A8004T Hidden Hiddenloginsetup timepro.cgi httpcon_check_session_url improper authentication

7.5CVSS5AI score0.00096EPSS

Exploits0References4

ATTACKERKB•added 2026/02/02 2:32 a.m.•3 views

CVE-2026-1740

7.5CVSS6.7AI score0.00096EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/02/02 12:0 a.m.•2 views

PT-2026-5599

Name of the Vulnerable Software and Affected Versions EFM ipTIME A8004T version 14.18.2 Description A flaw exists in the authentication process of the EFM ipTIME A8004T router. This issue stems from improper authentication within the httpcon check session url function, located in the...

7.5CVSS7AI score0.00096EPSS

Exploits0References10

RedhatCVE•added 2025/12/12 3:13 a.m.•1 views

CVE-2025-14485

A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...

5CVSS6.3AI score0.0049EPSS

Exploits0References1

NVD•added 2025/12/11 3:15 a.m.•2 views

CVE-2025-14485

5CVSS0.0049EPSS

Exploits0References5

Vulnrichment•added 2025/12/11 3:2 a.m.•2 views

CVE-2025-14485 EFM ipTIME A3004T Administrator Password timepro.cgi show_debug_screen command injection

5CVSS6.1AI score0.0049EPSS

Exploits0References5

EUVD•added 2025/12/11 3:2 a.m.•3 views

EUVD-2025-202644

5CVSS5.9AI score0.0049EPSS

Exploits0References6

CVE•added 2025/12/11 3:2 a.m.•15 views

CVE-2025-14485

CVE-2025-14485 affects EFM ipTIME A3004T 14.19.0. The vulnerability is in the Administrator Password Handler’s show_debug_screen function (file /sess-bin/timepro.cgi). Manipulating the argument aaksjdkfj with input !@dnjsrureljrm*& enables command injection remotely. Public exploit content is ind...

5CVSS6.1AI score0.0049EPSS

Exploits0References5

Positive Technologies•added 2025/12/11 12:0 a.m.•3 views

PT-2025-50570

A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show debug screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...

5CVSS6.4AI score0.0049EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by