CVE-2025-15548 Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v

Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...

CVE-2025-66953

The CVE-2025-66953 issue affects the Narda MITEQ UPC2 Uplink Power Control Unit (UPC2, v1.17). The vulnerability is a CSRF flaw in the Web-based management interface that enables a remote attacker to execute arbitrary code via several endpoints, including /system_setup.htm, /set_clock.htm, /recei...