Vendor
Genieacs
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- Genieacs2 CVEsnpm
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-56015 | Hig | 0.49 | 7.5 | 0.00 | Apr 7, 2026 | In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint. | ||
| CVE-2021-46704 | 0.00 | — | 0.22 | Mar 6, 2022 | In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check. |
- risk 0.49cvss 7.5epss 0.00
In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint.
- CVE-2021-46704Mar 6, 2022risk 0.00cvss —epss 0.22
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check.