CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

CVE-2025-65553

D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel. An attacker within RF range can transmit continuous interference to block sensor transmissions, resulting in missed alarms and loss of security monitoring. The device lacks jamming...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

D3D ZX-G12 安全漏洞

D3D ZX-G12 is a multi-functional smart home security alarm system from D3D India. A security vulnerability exists in D3D ZX-G12 version v2.1.17, which stems from a lack of interference detection in the 433 MHz alarm sensor channel, which could lead to a denial-of-service attack resulting in a...

D3D ZX-G12 安全漏洞

D3D ZX-G12 is a multi-functional smart home security alarm system from D3D India. A security vulnerability exists in D3D ZX-G12 v2.1.1, which stems from the lack of rolling code and anti-replay protection in the 433 MHz sensor communication channel, which could lead to a replay attack triggering ...

PT-2026-2268

Name of the Vulnerable Software and Affected Versions D3D Wi-Fi Home Security System ZX-G12 version 2.1.1 Description The D3D Wi-Fi Home Security System ZX-G12 version 2.1.1 is susceptible to RF replay attacks on the 433 MHz sensor communication channel. The system lacks essential security measur...

PT-2026-2269

Name of the Vulnerable Software and Affected Versions D3D Wi-Fi Home Security System ZX-G12 version 2.1.17 Description The D3D Wi-Fi Home Security System ZX-G12 is affected by a radio frequency RF jamming issue on the 433 MHz alarm sensor channel. An attacker within RF range can disrupt sensor...

CVE-2025-65552

Vulnerability summary (CVE-2025-65552): D3D Wi‑Fi Home Security System ZX‑G12, version 2.1.1, is vulnerable due to lack of rolling codes, message authentication, and anti‑replay protection on the 433 MHz sensor channel. An attacker within RF range can record valid alarm/control frames and replay ...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

CVE-2016-10943

The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter...

@1wen/tools (>=3.11.3 <=3.11.32), @2en/clawly-plugins (>=1.1.0 <=1.48.0-beta.11) +679 more potentially affected by CVE-2025-13437 via zx (>=1.14.2 <=8.8.5-lite)

zx NPM version =1.14.2, =3.11.3, =1.1.0, =0.1.1, =0.1.0, =0.0.2, =0.0.1, =0.8.0, =1.0.0, =1.0.0, =0.0.3, =0.4.0, =1.0.1, =1.0.5 and more Source cves: CVE-2025-13437 Source advisory: OSV:GHSA-W87R-VG9Q-CRQM...

zx Uses Incorrectly-Resolved Name or Reference

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

CVE-2025-13437

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

CVE-2025-13437

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

@dadigua/hyper-chat (>=1.2.3 <=1.2.16), @rse/closingcredits (>=1.0.1 <=1.0.5) +3 more potentially affected by CVE-2025-13437 via zx (>=8.0.0 <=8.1.0)

zx NPM version =8.0.0, =1.2.3, =1.0.1, =2.15.6, =2.15.6, =3.0.5, =3.0.10 Source cves: CVE-2025-13437 Source advisory: SNYK:JS-ZX-14089787...

Use of Incorrectly-Resolved Name or Reference

Overview zx is an A tool for writing better scripts Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the linkNodeModules function. An attacker can cause deletion of arbitrary directories by supplying a crafted path to the --prefer-local...

CVE-2025-13437

ZX contains a vulnerability (CVE-2025-13437) where, when invoked with --prefer-local=, the CLI creates a symlink ./node_modules to the specified path and a logic error in src/cli.ts (linkNodeModules/cleanup) returns the target path instead of the symlink path. The subsequent cleanup can delete th...

CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

zx 安全漏洞

zx is a Google open source tool for writing scripts. A security vulnerability exists in zx that stems from a logic error that could lead to the deletion of the external nodemodules directory...