Skip to main content

Proton

10 CVEs product

Monthly

CVE-2026-4746 CRITICAL PATCH Act Now

Out-of-bounds write vulnerability in Proton versions before 1.6.16 allows remote attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability resides in the inflate.C module within the base/poco/Foundation components and can be exploited over the network without authentication or user interaction. A patch is available to remediate this critical flaw.

Buffer Overflow Proton
NVD GitHub VulDB
CVSS 4.0
10.0
EPSS
0.0%
CVE-2022-25224 MEDIUM POC This Month

Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Proton
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-7274 CRITICAL POC THREAT Act Now

Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Enterprise Proton
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
29.0%
CVE-2019-7273 HIGH POC This Week

Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Enterprise Proton
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
4.5%
CVE-2019-7272 MEDIUM POC THREAT This Month

Optergy Proton/Enterprise devices allow Username Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Enterprise Proton
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
10.5%
CVE-2019-7278 MEDIUM This Month

Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Enterprise Proton
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-7277 MEDIUM This Month

Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Proton
NVD
CVSS 3.0
5.3
EPSS
1.9%
CVE-2019-7276 CRITICAL POC THREAT Emergency

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Enterprise Proton
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
93.4%
CVE-2019-7275 MEDIUM POC This Month

Optergy Proton/Enterprise devices allow Open Redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Enterprise Proton
NVD
CVSS 3.1
6.1
EPSS
9.1%
CVE-2019-7279 HIGH This Week

Optergy Proton/Enterprise devices have Hard-coded Credentials. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Proton
NVD
CVSS 3.0
7.3
EPSS
1.8%
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Out-of-bounds write vulnerability in Proton versions before 1.6.16 allows remote attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability resides in the inflate.C module within the base/poco/Foundation components and can be exploited over the network without authentication or user interaction. A patch is available to remediate this critical flaw.

Buffer Overflow Proton
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Proton
NVD
EPSS 29% CVSS 9.8
CRITICAL POC THREAT Act Now

Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Enterprise +1
NVD Exploit-DB
EPSS 4% CVSS 8.8
HIGH POC This Week

Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Enterprise Proton
NVD Exploit-DB
EPSS 10% CVSS 5.3
MEDIUM POC THREAT This Month

Optergy Proton/Enterprise devices allow Username Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Enterprise Proton
NVD Exploit-DB
EPSS 2% CVSS 6.5
MEDIUM This Month

Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Enterprise Proton
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Proton
NVD
EPSS 93% CVSS 9.8
CRITICAL POC THREAT Emergency

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Enterprise Proton
NVD Exploit-DB
EPSS 9% CVSS 6.1
MEDIUM POC This Month

Optergy Proton/Enterprise devices allow Open Redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Enterprise Proton
NVD
EPSS 2% CVSS 7.3
HIGH This Week

Optergy Proton/Enterprise devices have Hard-coded Credentials. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Proton
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy