Security Vulnerabilities
A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
4.3
EPSS Score
0.002
Published
2025-12-08
Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows
remote unauthenticated users to gain access to other network resources
using HTTPS requests through the appliance used as a bridge.
CVSS Score
8.6
EPSS Score
0.0
Published
2025-12-08
Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a
reboot of the appliance, thus causing a DoS condition, via crafted XML
payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-08
Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and
reboot the appliance, thus causing a DoS condition, via crafted XML
payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-12-08
Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-12-08
Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-08
Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-12-08