Vendor

Audi

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	CVSS	Published	Description
CVE-2025-45584	Audi UTR 2.0 Universal Traffic Recorder	—	Sep 12, 2025	Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication.
CVE-2025-45586	Audi UTR 2.0 Universal Traffic Recorder	—	Sep 12, 2025	An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request.
CVE-2025-45587	Audi UTR 2.0 Universal Traffic Recorder	—	Sep 12, 2025	A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-45585	Audi UTR 2.0 Universal Traffic Recorder	—	Sep 12, 2025	Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid or wifi_ap_ssid parameters.
CVE-2025-45583	Audi UTR 2.0 Universal Traffic Recorder	—	Sep 12, 2025	Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.

CVE-2025-45584Sep 12, 2025
Audi
UTR 2.0 Universal Traffic Recorder
risk 0.00cvss —epss 0.00
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication.
CVE-2025-45586Sep 12, 2025
Audi
UTR 2.0 Universal Traffic Recorder
risk 0.00cvss —epss 0.00
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request.
CVE-2025-45587Sep 12, 2025
Audi
UTR 2.0 Universal Traffic Recorder
risk 0.00cvss —epss 0.00
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-45585Sep 12, 2025
Audi
UTR 2.0 Universal Traffic Recorder
risk 0.00cvss —epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid or wifi_ap_ssid parameters.
CVE-2025-45583Sep 12, 2025
Audi
UTR 2.0 Universal Traffic Recorder
risk 0.00cvss —epss 0.00
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.