CVE-2025-12602

/etc/avahi/services/z9.service can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12553

CVE-2025-12553 affects Azure Access Technology BLU-IC2 and BLU-IC4 (through 1.19.5). The vulnerability comes from disabled email server certificate verification, enabling potential MITM exposure. Affected versions: BLU-IC2 and BLU-IC4 up to 1.19.5. The PT-2025-44648 note provides practical remedi...

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from disabling email server...

CVE-2025-12477

Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12284

Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

PT-2025-43754

Name of the Vulnerable Software and Affected Versions BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description A lack of input validation in the web user interface could allow for potential exploitation. The issue affects the web UI component. Recommendations Update BLU-IC2 to ...

PT-2025-43755

Name of the Vulnerable Software and Affected Versions BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description The software ships with default credentials, potentially allowing for remote takeover. This impacts BLU-IC controllers. Recommendations BLU-IC2 versions through 1.19.5...

CVE-2025-12217

The CVE-2025-12217 issue concerns the use of a default SNMP community string (public) on Azure Access Technology BLU-IC2 and BLU-IC4. Affected devices are BLU-IC2 and BLU-IC4 with firmware versions up to 1.19.5. The root cause is the default community string, enabling network access without crede...

CVE-2025-12216

CVE-2025-12216 affects Azure Access Technology BLU-IC2 and BLU-IC4 (through version 1.19.5). The vulnerability arises from a malicious or malformed App that can be installed but not uninstalled, potentially causing service unavailability. Affected products are BLU-IC2 and BLU-IC4; impact is denia...

PT-2025-43735

Name of the Vulnerable Software and Affected Versions Busybox versions through 1.31.1 BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description Busybox version 1.31.1 contains multiple known issues. These issues affect BLU-IC2 and BLU-IC4 devices. Recommendations Update Busybox ...

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from the use of weak default...