4 matches found
CVE-2025-7976
Anritsu ShockLine is affected by CVE-2025-7976 due to a CHX file parsing deserialization flaw caused by insufficient validation of user-supplied data. This allows remote code execution when a user visits a malicious page or opens a malicious CHX file, with the attacker needing only user interacti...
CVE-2025-7975
Anritsu ShockLine CHX file parsing is vulnerable to a directory traversal leading to remote code execution. Root cause: missing validation of a user-supplied path before it is used in file operations, enabling code execution in the attacker’s context after user interaction (visiting a malicious p...
CVE-2025-15348
CVE-2025-15348 affects Anritsu ShockLine CHX file parsing. Root cause: insufficient validation of user-supplied data during CHX file parsing leading to deserialization of untrusted data. Impact: remote code execution in the context of the affected process. Exploitation: requires user interaction ...
CVE-2025-15349
CVE-2025-15349 covers a race-condition vulnerability in the SCPI component of Anritsu ShockLine. The flaw arises from insufficient locking when operating on objects, allowing network-adjacent attackers to execute arbitrary code in the current process without authentication. Multiple sources confi...