Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-60962
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts.
CVSS Score
8.2
EPSS Score
0.018
Published
2025-10-06
CVE-2025-60963
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
CVSS Score
8.2
EPSS Score
0.016
Published
2025-10-06
CVE-2025-60964
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-10-06
CVE-2025-60965
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-10-06
CVE-2025-60967
Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-06
CVE-2025-60969
Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.
CVSS Score
5.7
EPSS Score
0.002
Published
2025-10-06
CVE-2025-61769
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including version 2.5.22 allows authenticated remote attackers to inject arbitrary web script or HTML via the file upload functionality. As an authenticated user it is possible to upload .svg file that contains JavaScript code that is later being executed. Commit 052f9c4226b2c0014bcd857fec47677340b185b1 fixes the issue.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-06
CVE-2025-60956
Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-10-06
CVE-2025-60957
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
CVSS Score
9.9
EPSS Score
0.001
Published
2025-10-06
CVE-2025-60958
Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved