CVE-2025-28171
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /c
CVSS
6.5
Medio
EPSS
0.3%
p22
KEV
—
Exploit Today
7
0-100
Publicado: 29 jul 2025 · Última mod.: 5 jul 2026 · CWE-922
0.3%EPSS · 30 días0.4%
2026-06-302026-07-17
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-483527.5 ALT37.8%
——11Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.14dCVE-2024-487708.2 ALT35.0%
——11An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process.13dCVE-2025-452427.7 ALT22.2%
——7Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php.14d