x210 V2
by Fanvil
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-64052 | 0.00 | — | 0.00 | Dec 5, 2025 | An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands. | |||
| CVE-2025-64056 | 0.00 | — | 0.00 | Dec 5, 2025 | File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem. | |||
| CVE-2025-64057 | 0.00 | — | 0.00 | Dec 5, 2025 | Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store files in arbitrary locations and potentially modify the system configuration or other unspecified impacts. | |||
| CVE-2025-64053 | 0.00 | — | 0.00 | Dec 5, 2025 | A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint. | |||
| CVE-2025-64054 | 0.00 | — | 0.00 | Dec 5, 2025 | A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint. | |||
| CVE-2025-64055 | 0.00 | — | 0.01 | Dec 3, 2025 | An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass. |
- CVE-2025-64052Dec 5, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands.
- CVE-2025-64056Dec 5, 2025risk 0.00cvss —epss 0.00
File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem.
- CVE-2025-64057Dec 5, 2025risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store files in arbitrary locations and potentially modify the system configuration or other unspecified impacts.
- CVE-2025-64053Dec 5, 2025risk 0.00cvss —epss 0.00
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.
- CVE-2025-64054Dec 5, 2025risk 0.00cvss —epss 0.00
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.
- CVE-2025-64055Dec 3, 2025risk 0.00cvss —epss 0.01
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.