Skip to main content

Xproupf

2 CVEs product

Monthly

CVE-2026-8233 LOW Monitor

Improper access controls in Dotouch XproUPF 2.0.0 (release 088aa7c4) allow local authenticated attackers to bypass authentication mechanisms and gain unauthorized access to restricted functionality within the UPF component. The vulnerability requires high attack complexity and valid user credentials but affects confidentiality, integrity, and availability of the affected system. No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass Xproupf
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8232 MEDIUM This Month

Denial of service in Dotouch XproUPF 2.0.0 through manipulation of the vlib_worker_loop function in libvlib.so allows local authenticated attackers to crash the UPF process. The vulnerability has CVSS 5.1 (AV:A/AC:L/PR:L) and targets availability rather than confidentiality or integrity. No public exploit code or active exploitation has been confirmed; the vendor was notified early during responsible disclosure.

Denial Of Service Xproupf
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 2.1
LOW Monitor

Improper access controls in Dotouch XproUPF 2.0.0 (release 088aa7c4) allow local authenticated attackers to bypass authentication mechanisms and gain unauthorized access to restricted functionality within the UPF component. The vulnerability requires high attack complexity and valid user credentials but affects confidentiality, integrity, and availability of the affected system. No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass Xproupf
NVD VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

Denial of service in Dotouch XproUPF 2.0.0 through manipulation of the vlib_worker_loop function in libvlib.so allows local authenticated attackers to crash the UPF process. The vulnerability has CVSS 5.1 (AV:A/AC:L/PR:L) and targets availability rather than confidentiality or integrity. No public exploit code or active exploitation has been confirmed; the vendor was notified early during responsible disclosure.

Denial Of Service Xproupf
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy