Security Vulnerabilities
- CVEs Published In February 2025
An attacker may modify the URL to discover sensitive information about the target network.
The Mojave Inverter uses the GET method for sensitive information.
An attacker may inject commands via specially crafted POST requests.
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.
mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands.
The Dingtian DT-R0 Series is vulnerable to an exploit that allows
attackers to bypass login requirements by directly navigating to the
main page.
The Qardio Arm iOS application exposes sensitive data such as usernames
and passwords in a plist file. This allows an attacker to log in to
production-level development accounts and access an engineering backdoor
in the application. The engineering backdoor allows the attacker to
send hex-based commands over a UI-based terminal.
mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.
mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim into visiting an attacker-controlled website.
Mercedes-Benz head unit NTG 6 contains functions to import or export profile settings over USB. During parsing, the service can be made to crash.