VYPR
Vendor

Cudy

Products
5
CVEs
7
Across products
8
Status
Private

Products

5

Recent CVEs

7
  • CVE-2026-4537MedMar 22, 2026
    risk 0.31cvss 4.7epss 0.10

    A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit…

  • CVE-2025-11134LowSep 29, 2025
    risk 0.16cvss 2.4epss 0.00

    A security vulnerability has been detected in Cudy TR1200 1.16.3-20230804-164635. Impacted is an unknown function of the file /cgi-bin/luci/admin/network/wireless/config/ of the component Wireless Settings Page. Such manipulation of the argument SSID leads to cross site…

  • CVE-2025-9725LowAug 31, 2025
    risk 0.16cvss 2.5epss 0.00

    A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity…

  • CVE-2025-9589LowAug 28, 2025
    risk 0.16cvss 2.5epss 0.00

    A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this…

  • CVE-2023-31851Jul 17, 2023
    risk 0.00cvss epss 0.00

    Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter.

  • CVE-2023-31853Jul 17, 2023
    risk 0.00cvss epss 0.00

    Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter.

  • CVE-2023-31852Jul 17, 2023
    risk 0.00cvss epss 0.01

    Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter.