Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/12/28 12:30 p.m.1 views

EUVD-2025-205507

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.6AI score0.06882EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/12/28 11:2 a.m.3 views

CVE-2025-15133 ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_CloseSafe command injection

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.5AI score0.06882EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/12/28 10:32 a.m.20 views

CVE-2025-15132 ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS0.06692EPSS
Exploits1References4
CVE
CVEadded 2025/12/28 10:32 a.m.11 views

CVE-2025-15132

Summary: CVE-2025-15132 affects ZSPACE Z4Pro+ 1.0.0440024. The vulnerable component is the HTTP POST Request Handler, specifically the function zfilev2_api_open in the file path /v2/file/safe/open. This manipulation enables command injection and can be triggered remotely. Public disclosure of the...

8.8CVSS6.6AI score0.06692EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2025/12/28 12:0 a.m.3 views

PT-2025-53646

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A command injection issue exists in ZSPACE Z4Pro+. The issue is located within the HTTP POST Request Handler component, specifically in the zfilev2 api SafeStatus function accessible via the...

6.5CVSS7.6AI score0.06828EPSS
Exploits1References9
CNNVD
CNNVDadded 2025/12/28 12:0 a.m.4 views

ZSPACE Z4Pro+ 命令注入漏洞

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misuse of the function zfilev2apiSafeStatus in the file /v2/file/safe/status, which could lead to command injection...

8.8CVSS6.8AI score0.06828EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/12/28 12:0 a.m.3 views

ZSPACE Z4Pro+ 命令注入漏洞

ZSPACE Z4Pro+ is a private cloud storage device from China Pole Space ZSPACE. A command injection vulnerability exists in ZSPACE Z4Pro+ version 1.0.0440024, which originates from a misbehavior of the function zfilev2apiCloseSafe in the file /v2/file/safe/close, which could lead to command injecti...

8.8CVSS6.8AI score0.06882EPSS
Exploits1References5
Rows per page
Query Builder