ThinkPlus
by ThinkPlus
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13284 | Cri | 0.64 | 9.8 | 0.01 | Nov 17, 2025 | ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. | ||
| CVE-2025-13455 | 0.00 | — | 0.00 | Jan 14, 2026 | A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint. |
- risk 0.64cvss 9.8epss 0.01
ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
- CVE-2025-13455Jan 14, 2026risk 0.00cvss —epss 0.00
A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint.