VYPR

Appliance Configuration

by KoreLogic

CVEs (2)

  • CVE-2025-54766MedJul 29, 2025
    risk 0.35cvss 5.3epss 0.07

    An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information.

  • CVE-2025-54765MedJul 29, 2025
    risk 0.35cvss 5.3epss 0.07

    An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the…