Uchida: >> Wivia 5 Firmware Security Vulnerabilities
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-30
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-30
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-05-30