Icx500 Firmware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-64093 CRITICAL Act Now

Unauthenticated command injection via the hostname field enabling remote code execution with CVSS 10.0 and scope change. A separate vulnerability from CVE-2025-64090.

RCE Icx510 Firmware Icx500 Firmware
NVD
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-64092 HIGH This Week

This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database. [CVSS 7.5 HIGH]

SQLi Icx500 Firmware Icx510 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-64093
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unauthenticated command injection via the hostname field enabling remote code execution with CVSS 10.0 and scope change. A separate vulnerability from CVE-2025-64090.

RCE Icx510 Firmware Icx500 Firmware
NVD
CVE-2025-64092
EPSS 0% CVSS 7.5
HIGH This Week

This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database. [CVSS 7.5 HIGH]

SQLi Icx500 Firmware Icx510 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy