CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Nozominetworks: >> Guardian >> 22.6.2 Security Vulnerabilities

CVE-2025-3718

A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack.

CVSS Score

5.8

EPSS Score

0.0

Published

2025-10-07

CVE-2025-3719

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/or affecting its availability.

CVSS Score

7.2

EPSS Score

0.001

Published

2025-10-07

Page 2

Vulnerabilities

Vulnerable Software

Nozominetworks: >> Guardian >> 22.6.2 Security Vulnerabilities

Products

Pricing

Contact Us