2 matches found
CVE-2025-63211
CVE-2025-63211 affects Bridgetech VBC Server & Element Manager. A stored cross-site scripting flaw exists in firmware versions 6.5.0-9 through 6.5.0-10, exploitable via the addName parameter on the /vbc/core/userSetupDoc/userSetupDoc endpoint, potentially enabling arbitrary code execution. Connec...
CVE-2025-63214
The CVE-2025-63214 affects bridgetech VBC Server & Element Manager, firmware 6.5.0-9 and 6.5.0-10, allowing unauthorized attackers to delete and create arbitrary accounts. Public sources (PT-2025-47526) recommend updating to a version newer than 6.5.0-10. Risk/exploitation details are not specifi...