Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-55731
Frappe is a full-stack web application framework. A carefully crafted request could extract data that the user would normally not have access to, via SQL injection. This vulnerability is fixed in 15.74.2 and 14.96.15.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55482
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-55498
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-1142
IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-08-20
CVE-2025-1139
IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55483
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-55499
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55503
Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-08-20
CVE-2025-30256
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-08-20
CVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved