This page lists publicly disclosed CVE vulnerabilities affecting endruntechnologies sonoma_d12_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-60969 | Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information. | [email protected] | 5.7 | 0.54% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60967 | Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information. | [email protected] | 7.3 | 0.27% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60965 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. | [email protected] | 9.1 | 1.38% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60964 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. | [email protected] | 9.1 | 1.38% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60963 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | [email protected] | 8.2 | 0.98% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60962 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. | [email protected] | 8.2 | 0.81% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60961 | Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. | [email protected] | 6.1 | 0.22% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60960 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | [email protected] | 8.2 | 0.98% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60959 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information. | [email protected] | 8.2 | 0.81% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60958 | Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information. | [email protected] | 7.3 | 0.27% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60957 | OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | [email protected] | 9.9 | 1.34% | 2025-10-06 | 2026-07-05 |
| CVE-2025-60956 | Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | [email protected] | 8.0 | 0.20% | 2025-10-06 | 2026-07-05 |