Deviceon Iedge

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-64302 MEDIUM This Month

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Deviceon Iedge
NVD GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-62630 HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
CVSS 4.0
8.7
EPSS
0.2%
CVE-2025-59171 HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-58423 HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Deviceon Iedge
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-64302
EPSS 0% CVSS 5.3
MEDIUM This Month

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Deviceon Iedge
NVD GitHub
CVE-2025-62630
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
CVE-2025-59171
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
CVE-2025-58423
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Deviceon Iedge
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy