VYPR

CPC200-CCPA

by CarlinKit

CVEs (4)

  • CVE-2025-2765HigApr 23, 2025
    risk 0.57cvss 8.8epss 0.00

    CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit…

  • CVE-2025-2764HigApr 23, 2025
    risk 0.52cvss 8.0epss 0.00

    CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is…

  • CVE-2025-2762HigApr 23, 2025
    risk 0.51cvss 7.8epss 0.00

    CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged…

  • CVE-2025-2763MedApr 23, 2025
    risk 0.44cvss 6.8epss 0.00

    CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to…

VYPR — Vulnerability Intelligence