TropOS 4th Gen

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-1036	Hitachi TropOS 4th Gen	Hig	0.57	—	0.01		Oct 28, 2025	Command injection vulnerability exists in the “Logging” page of the web-based configuration utility. An authenticated user with low privileged network access for the configuration utility can execute arbitrary commands on the underlying OS to obtain root SSH access to the…
CVE-2025-1038	Hitachi TropOS 4th Gen	Hig	0.49	—	0.00		Oct 28, 2025	The “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticated user with high privileges to inject commands into the command shell of the TropOS 4th Gen device. The injected commands can be…

CVE-2025-1036HigOct 28, 2025
Hitachi
TropOS 4th Gen
risk 0.57cvss —epss 0.01
Command injection vulnerability exists in the “Logging” page of the web-based configuration utility. An authenticated user with low privileged network access for the configuration utility can execute arbitrary commands on the underlying OS to obtain root SSH access to the…
CVE-2025-1038HigOct 28, 2025
Hitachi
TropOS 4th Gen
risk 0.49cvss —epss 0.00
The “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticated user with high privileges to inject commands into the command shell of the TropOS 4th Gen device. The injected commands can be…