VYPR

AggreGate Network Manager

by Tibbo

CVEs (2)

  • CVE-2025-34156MedOct 23, 2025
    risk 0.45cvss epss 0.00

    Tibbo AggreGate Network Manager < 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information…

  • CVE-2025-34155MedOct 23, 2025
    risk 0.45cvss epss 0.01

    Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account…