metz-connect CVE Vulnerabilities & CVE List (5)

Products (CPE): — CVEs: 5

metz-connect vulnerability overview

Aggregates CVE and security vulnerability intelligence across all metz-connect-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk path handling and vendor risk file inclusion and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface software deployment scenarios.

Vulnerability distribution trend (last 24 months)

Showing 15 of 5 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-41737 Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules. [email protected] 7.5 0.38% 2025-11-18 2026-06-17
CVE-2025-41736 A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution. [email protected] 8.8 0.61% 2025-11-18 2026-06-17
CVE-2025-41735 A low privileged remote attacker can upload any file to an arbitrary location due to missing file check resulting in remote code execution. [email protected] 8.8 0.50% 2025-11-18 2026-06-17
CVE-2025-41734 An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices. [email protected] 9.8 0.46% 2025-11-18 2026-06-17
CVE-2025-41733 The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials. [email protected] 9.8 0.56% 2025-11-18 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence