Pro II
by EZCast
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13955 | Cri | 0.60 | — | 0.00 | Dec 10, 2025 | Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers | ||
| CVE-2025-13954 | Cri | 0.60 | — | 0.00 | Dec 10, 2025 | Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI | ||
| CVE-2026-24344 | Hig | 0.47 | — | 0.00 | Jan 27, 2026 | Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution | ||
| CVE-2026-24348 | 0.00 | — | 0.00 | Jan 27, 2026 | Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users. | |||
| CVE-2026-24347 | 0.00 | — | 0.00 | Jan 27, 2026 | Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory | |||
| CVE-2026-24346 | 0.00 | — | 0.00 | Jan 27, 2026 | Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application | |||
| CVE-2026-24345 | 0.00 | — | 0.00 | Jan 27, 2026 | Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI |
- risk 0.60cvss —epss 0.00
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers
- risk 0.60cvss —epss 0.00
Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI
- risk 0.47cvss —epss 0.00
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution
- CVE-2026-24348Jan 27, 2026risk 0.00cvss —epss 0.00
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
- CVE-2026-24347Jan 27, 2026risk 0.00cvss —epss 0.00
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory
- CVE-2026-24346Jan 27, 2026risk 0.00cvss —epss 0.00
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
- CVE-2026-24345Jan 27, 2026risk 0.00cvss —epss 0.00
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI