NetFax Server
by MICi
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-48047 | Cri | 0.61 | — | 0.11 | May 29, 2025 | An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint. | ||
| CVE-2025-48045 | Hig | 0.57 | — | 0.01 | May 29, 2025 | An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials. |
- risk 0.61cvss —epss 0.11
An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint.
- risk 0.57cvss —epss 0.01
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.