Kiloview
Products
7- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9265 | Cri | 0.65 | — | 0.00 | Oct 13, 2025 | A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in… | ||
| CVE-2026-1453 | Cri | 0.64 | 9.8 | 0.01 | Jan 29, 2026 | A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product. | ||
| CVE-2023-41919 | Cri | 0.64 | 9.8 | 0.00 | Jul 2, 2024 | Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access. | ||
| CVE-2024-2161 | Cri | 0.64 | 9.8 | 0.01 | Mar 21, 2024 | Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 . | ||
| CVE-2025-8915 | Hig | 0.57 | — | 0.00 | Oct 13, 2025 | Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the network | ||
| CVE-2024-2162 | Hig | 0.57 | 8.8 | 0.02 | Mar 21, 2024 | An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 . | ||
| CVE-2023-41922 | Hig | 0.47 | 7.2 | 0.00 | Jul 2, 2024 | A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack… | ||
| CVE-2025-63560 | 0.00 | — | 0.01 | Nov 6, 2025 | An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component. |
- risk 0.65cvss —epss 0.00
A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in…
- risk 0.64cvss 9.8epss 0.01
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
- risk 0.64cvss 9.8epss 0.00
Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.
- risk 0.64cvss 9.8epss 0.01
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .
- risk 0.57cvss —epss 0.00
Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the network
- risk 0.57cvss 8.8epss 0.02
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .
- risk 0.47cvss 7.2epss 0.00
A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack…
- CVE-2025-63560Nov 6, 2025risk 0.00cvss —epss 0.01
An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component.