VYPR

Easy7 Integrated Management Platform

by Tiandy

CVEs (9)

  • CVE-2026-4585CriMar 23, 2026
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File…

  • CVE-2026-7698HigMay 3, 2026
    risk 0.48cvss 7.3epss 0.02

    A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The…

  • CVE-2026-9465HigMay 25, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the…

  • CVE-2026-4288HigMar 17, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The…

  • CVE-2026-4287HigMar 17, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection.…

  • CVE-2026-4232HigMar 16, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in Tiandy Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /rest/user/getAuthorityByUserId. Executing a manipulation of the argument userId can lead to sql injection. The attack may be launched…

  • CVE-2026-4221HigMar 16, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the argument File results in unrestricted upload. The attack may be launched…

  • CVE-2026-9466MedMay 25, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can…

  • CVE-2026-4187MedMar 16, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing…