Cudy
Products
5- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4537 | Med | 0.31 | 4.7 | 0.10 | Mar 22, 2026 | A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit… | ||
| CVE-2025-11134 | Low | 0.16 | 2.4 | 0.00 | Sep 29, 2025 | A security vulnerability has been detected in Cudy TR1200 1.16.3-20230804-164635. Impacted is an unknown function of the file /cgi-bin/luci/admin/network/wireless/config/ of the component Wireless Settings Page. Such manipulation of the argument SSID leads to cross site… | ||
| CVE-2025-9725 | Low | 0.16 | 2.5 | 0.00 | Aug 31, 2025 | A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity… | ||
| CVE-2025-9589 | Low | 0.16 | 2.5 | 0.00 | Aug 28, 2025 | A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this… | ||
| CVE-2023-31851 | 0.00 | — | 0.00 | Jul 17, 2023 | Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter. | |||
| CVE-2023-31853 | 0.00 | — | 0.00 | Jul 17, 2023 | Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter. | |||
| CVE-2023-31852 | 0.00 | — | 0.01 | Jul 17, 2023 | Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter. |
- risk 0.31cvss 4.7epss 0.10
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit…
- risk 0.16cvss 2.4epss 0.00
A security vulnerability has been detected in Cudy TR1200 1.16.3-20230804-164635. Impacted is an unknown function of the file /cgi-bin/luci/admin/network/wireless/config/ of the component Wireless Settings Page. Such manipulation of the argument SSID leads to cross site…
- risk 0.16cvss 2.5epss 0.00
A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity…
- risk 0.16cvss 2.5epss 0.00
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this…
- CVE-2023-31851Jul 17, 2023risk 0.00cvss —epss 0.00
Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter.
- CVE-2023-31853Jul 17, 2023risk 0.00cvss —epss 0.00
Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter.
- CVE-2023-31852Jul 17, 2023risk 0.00cvss —epss 0.01
Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter.