CVE-2025-64055

Critical CVSS: 9.8

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Vendor

Fanvil

Product

X210 Firmware

CWE

CWE-287

Yayın Tarihi

2025-12-03 21:15:52

Güncelleme

2026-01-09 02:18:23

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-287 X210 Firmware CRITICAL Fanvil 2025

Referanslar

http://fanvil.com https://github.com/SpikeReply/advisories/blob/main/cve/fanvil/cve-2025-64055.md https://github.com/SpikeReply/advisories/blob/main/cve/fanvil/cve-2025-64055.md

Benzer Kayıtlar

Medium

CVE-2025-64052

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arb…

High

CVE-2025-64053

A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentia…

Critical

CVE-2025-64054

A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial o…

Medium

CVE-2025-64056

File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbit…

High

CVE-2025-64057

Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to sto…