CVE-2026-24345

Medium CVSS: 6.8

Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI

Vendor

Nimbletech

Product

Ezcast Pro Dongle Ii Firmware

CWE

CWE-20

Yayın Tarihi

2026-01-27 10:15:48

Güncelleme

2026-02-05 17:32:34

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-20 Ezcast Pro Dongle Ii Firmware MEDIUM Nimbletech 2026

Referanslar

https://hub.ntc.swiss/ntcf-2025-32832

Benzer Kayıtlar

High

CVE-2026-24346

Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protec…

Medium

CVE-2026-24347

Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /…

High

CVE-2026-24348

Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execut…