VYPR

NCM-X1800

by Nexxt Solutions

CVEs (2)

  • CVE-2025-52376CriJul 15, 2025
    risk 0.64cvss 9.8epss 0.09

    An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server…

  • CVE-2025-52378MedJul 15, 2025
    risk 0.35cvss 5.4epss 0.06

    Cross-Site Scripting (XSS) vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICE_ALIAS…