Vendor

Leica Geosystems

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2018-25131	Leica Geosystems GR10/GR25/GR30/GR50 GNSS	Hig	0.47	7.2	0.00		Dec 24, 2025	Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed.
CVE-2019-25259	Leica Geosystems GR10	Med	0.34	5.3	0.00		Jan 8, 2026	Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that submit requests to the application.

CVE-2018-25131HigDec 24, 2025
Leica Geosystems
GR10/GR25/GR30/GR50 GNSS
risk 0.47cvss 7.2epss 0.00
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed.
CVE-2019-25259MedJan 8, 2026
Leica Geosystems
GR10
risk 0.34cvss 5.3epss 0.00
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that submit requests to the application.