CVE-2025-58423
- EPSS 0.06%
- Veröffentlicht 06.11.2025 22:31:02
- Zuletzt bearbeitet 21.11.2025 16:29:54
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account.
CVE-2025-59171
- EPSS 0.11%
- Veröffentlicht 06.11.2025 22:29:27
- Zuletzt bearbeitet 19.11.2025 19:53:42
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions.
CVE-2025-62630
- EPSS 0.1%
- Veröffentlicht 06.11.2025 22:27:14
- Zuletzt bearbeitet 19.11.2025 20:17:47
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions.
CVE-2025-64302
- EPSS 0.04%
- Veröffentlicht 06.11.2025 22:24:15
- Zuletzt bearbeitet 19.11.2025 20:20:00
Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation.
CVE-2021-40389
- EPSS 0.04%
- Veröffentlicht 28.01.2022 20:15:11
- Zuletzt bearbeitet 21.11.2024 06:24:01
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file t...