notnotnotveg

2 exploits Active since Dec 2025
CVE-2025-66237 WRITEUP MEDIUM WRITEUP
DCIM dcTrack - Privilege Escalation
DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host.
CVSS 6.7
CVE-2025-66238 WRITEUP HIGH WRITEUP
Sunbird DCIM dcTrack < 9.2.0 and >= 9.2.3 - Authenticated Network Traffic Redirection via Virtual Console
DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine.
CVSS 7.2