Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source): [email protected]
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-41735 | A low privileged remote attacker can upload any file to an arbitrary location due to missing file check resulting in remote code execution. | 8.8 | 0.50% | 2025-11-18 | 2026-06-17 |
| CVE-2025-41734 | An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices. | 9.8 | 0.46% | 2025-11-18 | 2026-06-17 |
| CVE-2025-41733 | The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials. | 9.8 | 0.56% | 2025-11-18 | 2026-06-17 |
| CVE-2025-41731 | A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the debug interface is still enabled. | 7.4 | 0.11% | 2025-11-10 | 2026-06-17 |
| CVE-2025-41724 | An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again. | 7.5 | 0.40% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41723 | The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker can bypass the path restriction and upload files to arbitrary locations. | 9.8 | 1.23% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41722 | The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices. | 7.5 | 0.23% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41721 | A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate. | 2.7 | 0.17% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41720 | A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified. | 4.3 | 0.15% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41719 | A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password. | 8.8 | 0.46% | 2025-10-22 | 2026-06-17 |
| CVE-2025-41718 | A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI. | 7.5 | 0.24% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41699 | A low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code ('Code Injection'). | 8.8 | 0.88% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41707 | The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality. | 5.3 | 1.44% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41706 | The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality. | 5.3 | 1.70% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41705 | An unauthenticated remote attacker (MITM) can intercept the websocket messages to gain access to the login credentials for the Webfrontend. | 6.8 | 0.42% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41704 | An unauthenticated remote attacker can perform a DoS of the Modbus service by sending a specific function and sub-function code without affecting the core functionality. | 5.3 | 1.50% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41703 | An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the UPS via Modbus command. | 7.5 | 1.00% | 2025-10-14 | 2026-06-17 |
| CVE-2025-41716 | The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function. | 5.3 | 0.37% | 2025-09-24 | 2026-06-17 |
| CVE-2025-41715 | The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it. | 9.8 | 0.47% | 2025-09-24 | 2026-06-17 |
| CVE-2025-41713 | During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration. | 6.5 | 0.35% | 2025-09-15 | 2026-06-17 |