Latest CVE Feed
-
8.8
HIGHCVE-2025-15389
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.... Read more
Affected Products :- Published: Dec. 31, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Injection
-
7.1
HIGHCVE-2025-2026
The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-o... Read more
Affected Products :- Published: Dec. 31, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-15388
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.... Read more
Affected Products :- Published: Dec. 31, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Injection
-
7.0
HIGHCVE-2025-15017
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or exec... Read more
- Published: Dec. 31, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Authentication
-
7.7
HIGHCVE-2025-1977
The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC (Moxa CLI Configur... Read more
Affected Products :- Published: Dec. 31, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Authorization