VYPR

TCIV-3+

by Zenitel

CVEs (5)

  • CVE-2025-64130CriNov 26, 2025
    risk 0.64cvss 9.8epss 0.01

    Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting vulnerability, which could allow a remote attacker to execute arbitrary JavaScript on the victim's browser.

  • CVE-2025-64129HigNov 26, 2025
    risk 0.49cvss 7.6epss 0.00

    Zenitel TCIV-3+ is vulnerable to an out-of-bounds write vulnerability, which could allow a remote attacker to crash the device.

  • CVE-2025-59818Feb 4, 2026
    risk 0.00cvss epss 0.00

    This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.

  • CVE-2025-64091Jan 9, 2026
    risk 0.00cvss epss 0.00

    This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of the device.

  • CVE-2025-64090Jan 9, 2026
    risk 0.00cvss epss 0.00

    This vulnerability allows authenticated attackers to execute commands via the hostname of the device.