VYPR

Series

by Nokia

CVEs (12)

  • CVE-2025-34037CriJun 24, 2025
    risk 0.75cvss epss 0.85

    An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization,…

  • CVE-2025-9962CriSep 23, 2025
    risk 0.65cvss epss 0.01

    A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without prior authentication.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2025-9963CriSep 23, 2025
    risk 0.61cvss epss 0.00

    A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build …

  • CVE-2025-9965CriSep 23, 2025
    risk 0.60cvss epss 0.01

    Improper authentication vulnerability in Novakon P series allows unauthenticated attackers to upload and download any application from/to the device.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2025-9964HigSep 23, 2025
    risk 0.56cvss epss 0.00

    No password for the root user is set in Novakon P series. This allows phyiscal attackers to enter the console easily. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2025-9966HigSep 23, 2025
    risk 0.47cvss epss 0.00

    Improper privilege management vulnerability in Novakon P series allows attackers to gain root privileges if one service is compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2025-62759MedDec 31, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through <= 2.0.1.

  • CVE-2025-7432LowFeb 9, 2026
    risk 0.07cvss epss 0.00

    DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions.  This may allow an attacker to eventually extract secret keys through a DPA attack.

  • CVE-2005-0681Mar 6, 2005
    risk 0.03cvss epss 0.03

    Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.

  • CVE-2019-14708Aug 6, 2019
    risk 0.01cvss epss 0.04

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account.

  • CVE-2020-10264Apr 6, 2020
    risk 0.00cvss epss 0.01

    CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally…

  • CVE-2019-14698Aug 6, 2019
    risk 0.00cvss epss 0.04

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote code execution in the context of the nobody account.