exploitDog

CVE-2025-64055

Опубликовано: 03 дек. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Ссылки

http://fanvil.com
Product
https://github.com/SpikeReply/advisories/blob/main/cve/fanvil/cve-2025-64055.md
Exploit
Third Party Advisory
https://github.com/SpikeReply/advisories/blob/main/cve/fanvil/cve-2025-64055.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:fanvil:x210_firmware:2.12.20:*:*:*:*:*:*:*

cpe:2.3:h:fanvil:x210:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00545

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-j95v-gf4p-cg68

CVSS3: 9.8

github

2 месяца назад

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

EPSS

Процентиль: 67%

0.00545

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287