Vx800v Firmware
CVE-2025-15548
MEDIUM
Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality.
AnalysisAI
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality. [CVSS 6.5 MEDIUM]
Technical ContextAI
Classified as CWE-311 (Missing Encryption of Sensitive Data). Affects Vx800V Firmware. Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality.
RemediationAI
Monitor vendor advisories for a patch.
More in Vx800v Firmware
View allVx800V Firmware contains a vulnerability that allows attackers to high impact to confidentiality, integrity, and availab
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic
Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem co
Same weakness CWE-311 – Missing Encryption of Sensitive Data
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today