VYPR

WaveView

by WaveStore

CVEs (2)

  • CVE-2025-65076Dec 16, 2025
    risk 0.00cvss epss 0.00

    WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete any file on the server using path traversal in the ilog script. This script is being…

  • CVE-2025-65074Dec 16, 2025
    risk 0.00cvss epss 0.00

    WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue…