BLU-IC4
by BLU
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12603 | Cri | 0.64 | 9.8 | 0.00 | Nov 1, 2025 | /etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12553 | Cri | 0.64 | 9.8 | 0.00 | Oct 31, 2025 | Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12516 | Cri | 0.64 | 9.8 | 0.00 | Oct 30, 2025 | Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12515 | Cri | 0.64 | 9.8 | 0.00 | Oct 30, 2025 | Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12478 | Cri | 0.64 | 9.8 | 0.00 | Oct 29, 2025 | Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12477 | Cri | 0.64 | 9.8 | 0.00 | Oct 29, 2025 | Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12476 | Cri | 0.64 | 9.8 | 0.00 | Oct 29, 2025 | Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12424 | Cri | 0.64 | 9.8 | 0.00 | Oct 28, 2025 | Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12364 | Cri | 0.64 | 9.8 | 0.00 | Oct 27, 2025 | Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12104 | Cri | 0.64 | 9.8 | 0.00 | Oct 23, 2025 | Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12217 | Cri | 0.59 | 9.1 | 0.00 | Oct 25, 2025 | SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12479 | Hig | 0.57 | 8.8 | 0.00 | Oct 29, 2025 | Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12425 | Hig | 0.51 | 7.8 | 0.00 | Oct 28, 2025 | Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | ||
| CVE-2025-12278 | Med | 0.42 | 6.5 | 0.00 | Oct 26, 2025 | Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12284 | Med | 0.40 | 6.1 | 0.00 | Oct 26, 2025 | Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12001 | Med | 0.40 | 6.1 | 0.00 | Oct 20, 2025 | Lack of application manifest sanitation could lead to potential stored XSS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||
| CVE-2025-12517 | Med | 0.34 | 5.3 | 0.00 | Oct 30, 2025 | Credits Page not Matching Versions in Use in the FirmwareThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . |
- risk 0.64cvss 9.8epss 0.00
/etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.64cvss 9.8epss 0.00
Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.64cvss 9.8epss 0.00
Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.64cvss 9.8epss 0.00
Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.64cvss 9.8epss 0.00
Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.59cvss 9.1epss 0.00
SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.57cvss 8.8epss 0.00
Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.51cvss 7.8epss 0.00
Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
- risk 0.42cvss 6.5epss 0.00
Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.40cvss 6.1epss 0.00
Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.40cvss 6.1epss 0.00
Lack of application manifest sanitation could lead to potential stored XSS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
- risk 0.34cvss 5.3epss 0.00
Credits Page not Matching Versions in Use in the FirmwareThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .