6 matches found
CVE-2025-34215
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...
CVE-2025-34215 Vasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCE
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...
CVE-2025-34215
CVE-2025-34215 : Vasion Print (formerly PrinterLogic) Virtual Appliance Host before 22.0.1026 and Application before 20.0.2702 expose an unauthenticated firmware-upload flow. A public page returns a signed token usable at va-api/v1/update, and every Docker image contains the appliance’s private G...
Moxa NPort Unauthenticated Firmware Update (CVE-2016-9369)
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPor...
CVE-2022-36360
CVE-2022-36360 affects LOGO! 8 BM (incl. SIPLUS variants) prior to version 8.3. The vulnerability arises because firmware updates are loaded without authenticity checks and the unencrypted firmware integrity is verified only by a non-cryptographic method, enabling manipulation of a firmware updat...
CVE-2019-12289
An issue was discovered in upgradefirmware.cgi on VStarcam 100T C7824WIP CH-sys-48.53.75.119123 and 200V C38S CH-sys-48.53.203.119123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the files within the internal firmware o...