Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
11049.3%MEDIUM

Related CVEs

1
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-65287An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base path (/var/www/files/userScript/) using memcpy + strcat without validation or canonicalization, enabling ../ sequences to escape the intended directory. The download branch also echoes the unsanitized params into Content-Disposition, introducing header-injection risk.MEDIUM4.349.3%Dec 9, 2025