CISA

56 exploits Active since Aug 2014
CVE-2025-35451 WRITEUP CRITICAL WRITEUP
PTZOptics PT12X-SDI-XX-G2 Firmware < 6.3.34 - Use of Hard-coded Credentials
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
CVSS 9.8
CVE-2025-58462 WRITEUP CRITICAL WRITEUP
OPEXUS FOIAXpress PAL <11.13.1.0 - SQL Injection
OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database.
CVSS 9.8
CVE-2025-61939 WRITEUP HIGH WRITEUP
Columbia Weather MicroServer Firmware - Reverse SSH Redirection
An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker controlled device.
CVSS 8.8
CVE-2025-64305 WRITEUP MEDIUM WRITEUP
Columbia Weather Systems MicroServer < MS_4.1_14142 - Cleartext Storage of Secrets on External SD Card
MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal.
CVSS 6.5
CVE-2025-66620 WRITEUP HIGH WRITEUP
Columbia Weather MicroServer Firmware - Webshell Shell Access
An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system.
CVSS 8.0
CVE-2025-8386 WRITEUP MEDIUM WRITEUP
AVEVA Application Server - Authenticated XSS via App Objects Help Files
The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of "aaConfigTools") to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that when executed by a victim user, can result in horizontal or vertical escalation of privileges. The vulnerability can only be exploited during config-time operations within the IDE component of Application Server. Run-time components and operations are not affected.
CVSS 6.9