Vendor
DuraComm
Products
2
CVEs
3
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-41425 | Hig | 0.53 | 8.1 | 0.00 | Jul 22, 2025 | DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface. | ||
| CVE-2025-53703 | Hig | 0.49 | 7.5 | 0.00 | Jul 22, 2025 | DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers. | ||
| CVE-2025-48733 | Hig | 0.49 | 7.5 | 0.00 | Jul 22, 2025 | DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication. This could allow an attacker to repeatedly reboot the device. |
- risk 0.53cvss 8.1epss 0.00
DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface.
- risk 0.49cvss 7.5epss 0.00
DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers.
- risk 0.49cvss 7.5epss 0.00
DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication. This could allow an attacker to repeatedly reboot the device.