VYPR
Vendor

Victure

Products
5
CVEs
17
Across products
17
Status
Private

Products

5

Recent CVEs

17
  • CVE-2025-28200CriMay 9, 2025
    risk 0.64cvss 9.8epss 0.01

    Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.

  • CVE-2019-15940CriOct 1, 2019
    risk 0.64cvss 9.8epss 0.02

    Victure PC530 devices allow unauthenticated TELNET access as root.

  • CVE-2020-15744CriAug 30, 2021
    risk 0.63cvss 9.6epss 0.01

    Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. This issue affects: Victure PC420 firmware version 1.2.2 and prior versions.

  • CVE-2021-43283HigNov 30, 2021
    risk 0.58cvss 8.8epss 0.05

    An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges.…

  • CVE-2025-28203HigMay 9, 2025
    risk 0.57cvss 8.8epss 0.01

    Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability.

  • CVE-2025-28202HigMay 9, 2025
    risk 0.57cvss 8.8epss 0.00

    Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH and Telnet services without authentication.

  • CVE-2024-53937HigDec 2, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The TELNET service is enabled by default with admin/admin as default credentials and is exposed over the LAN. The allows attackers to execute arbitrary commands with…

  • CVE-2024-53941HigDec 2, 2024
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default Wi-Fi PSK value via the last 4 octets of the BSSID.

  • CVE-2024-53940HigDec 2, 2024
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. Certain /cgi-bin/luci/admin endpoints are vulnerable to command injection. Attackers can exploit this by sending crafted payloads through parameters intended for the…

  • CVE-2024-53939HigDec 2, 2024
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The /cgi-bin/luci/admin/opsw/Dual_freq_un_apple endpoint is vulnerable to command injection through the 2.4 GHz and 5 GHz name parameters, allowing an attacker to…

  • CVE-2024-53938HigDec 2, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The TELNET service is enabled by default and exposed over the LAN. The root account is accessible without a password, allowing attackers to achieve full control over…

  • CVE-2023-41612HigSep 18, 2024
    risk 0.57cvss 8.8epss 0.00

    Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card.

  • CVE-2023-41610HigSep 18, 2024
    risk 0.57cvss 8.8epss 0.00

    Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext.

  • CVE-2021-43284HigNov 30, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH (regardless of whether the admin password was changed on the web…

  • CVE-2025-28201MedMay 9, 2025
    risk 0.44cvss 6.8epss 0.00

    An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute arbitrary code or gain root access.

  • CVE-2023-41611MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data.

  • CVE-2021-43282MedNov 30, 2021
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network…