VYPR
Vendor

Kiloview

Products
7
CVEs
8
Across products
9
Status
Private

Products

7

Recent CVEs

8
  • CVE-2025-9265CriOct 13, 2025
    risk 0.65cvss epss 0.00

    A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in…

  • CVE-2026-1453CriJan 29, 2026
    risk 0.64cvss 9.8epss 0.01

    A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.

  • CVE-2023-41919CriJul 2, 2024
    risk 0.64cvss 9.8epss 0.00

    Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.

  • CVE-2024-2161CriMar 21, 2024
    risk 0.64cvss 9.8epss 0.01

    Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .

  • CVE-2025-8915HigOct 13, 2025
    risk 0.57cvss epss 0.00

    Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the network

  • CVE-2024-2162HigMar 21, 2024
    risk 0.57cvss 8.8epss 0.02

    An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .

  • CVE-2023-41922HigJul 2, 2024
    risk 0.47cvss 7.2epss 0.00

    A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack…

  • CVE-2025-63560Nov 6, 2025
    risk 0.00cvss epss 0.01

    An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component.