10 matches found
CVE-2025-69270
Broadcom DX NetOps Spectrum 24.3.8 and earlier are affected by Information Exposure Through Query Strings in GET Requests, enabling potential session hijacking on Windows and Linux. The vulnerability arises from information disclosure via GET request query strings, which could allow an attacker t...
CVE-2025-69267
CVE-2025-69267 is a path traversal vulnerability in Broadcom DX NetOps Spectrum (Windows/Linux). Affected versions are 24.3.8 and earlier; the root cause is improper restriction of a pathname to a restricted directory. The issue could enable access to files outside the intended scope. Red Hat and...
CVE-2025-69269
CVE-2025-69269 affects Broadcom DX NetOps Spectrum on Windows and Linux (versions 23.3.6 and earlier). Description: OS Command Injection caused by improper neutralization of special elements used in commands. The issue can enable arbitrary OS command execution with high impact on confidentiality,...
CVE-2025-69272
CVE-2025-69272 : Cleartext Transmission of Sensitive Information in Broadcom DX NetOps Spectrum on Windows and Linux. Affects Spectrum versions 21.2.1 and earlier; enables sniffing attacks due to unencrypted transmission of sensitive data. Connected sources corroborate affected products/versions ...
CVE-2025-69273
CVE-2025-69273 relates to Broadcom DX NetOps Spectrum running on Windows and Linux, with versions 24.3.10 and earlier affected. The issue is described as an improper authentication vulnerability that allows an authentication bypass, potentially enabling unauthorized access to the system. The link...
CVE-2025-69268
CVE-2025-69268 affects Broadcom DX NetOps Spectrum versions 24.3.8 and earlier. The root cause is improper neutralization of input during web page generation, leading to a reflected XSS vulnerability. Affected platforms include Windows and Linux. The vulnerability information is confirmed by mult...
CVE-2025-69275
The CVE describes a dependency on a vulnerable third-party component in Broadcom DX NetOps Spectrum, affecting version 24.3.9 and earlier, on Windows and Linux. The underlying issue is DOM-Based XSS triggered by the vulnerable component in the product’s runtime environment. Impact is limited to t...
CVE-2025-69276
The CVE-2025-69276 entry concerns Broadcom DX NetOps Spectrum (Windows and Linux) with deserialization of untrusted data leading to object injection. Affected versions are 24.3.13 and earlier. Root cause is insecure deserialization of untrusted input. The vulnerability could allow object injectio...
CVE-2025-69271
CVE-2025-69271 affects Broadcom DX NetOps Spectrum (Windows and Linux) up to version 24.3.13. The issue is described as insufficiently protected credentials that enable sniffing attacks. Multiple sources in connected documents corroborate the affected product and versions. Practical impact center...
CVE-2025-69274
CVE-2025-69274 affects Broadcom DX NetOps Spectrum up to version 24.3.10 (Windows and Linux). The issue is an authorization bypass caused by a user-controlled key, which could enable privilege escalation. Public sources consistently cite 24.3.10 and earlier as affected. Remediation is to upgrade ...