Vulnerabilities

  

CVE-2025-66515 | Nextcloud Approval App up to 1.3.0/2.4.x improper authentication (GHSA-q26g-fmjq-x5g5)

A vulnerability marked as critical has been reported in Nextcloud Approval App up to 1.3.0/2.4.x. Affected by this issue is

  

CVE-2025-66514 | Nextcloud Mail up to 5.5.2 Message cross site scripting (GHSA-v394-8gpc-6fv5)

A vulnerability described as problematic has been identified in Nextcloud Mail up to 5.5.2. This affects an unknown part of

  

CVE-2025-66554 | Nextcloud Contacts App up to 5.5.3/6.0.5/7.2.4 CSS File Parser organisation/title cross site scripting (GHSA-9v78-cpfc-v6h2)

A vulnerability classified as problematic has been found in Nextcloud Contacts App up to 5.5.3/6.0.5/7.2.4. This vulnerability affects unknown code

  

CVE-2025-66553 | Nextcloud Tables up to 0.8.6/0.9.3 authorization (GHSA-p53h-6294-crjw)

A vulnerability classified as problematic was found in Nextcloud Tables up to 0.8.6/0.9.3. This issue affects some unknown processing. Executing

  

CVE-2025-66556 | Nextcloud Talk up to 20.1.7/21.1.1 Conversation authorization (GHSA-pr9f-vqgg-m2jh)

A vulnerability, which was classified as problematic, has been found in Nextcloud Talk up to 20.1.7/21.1.1. Impacted is an unknown

  

CVE-2025-66644 | Array ArrayOS AG up to 9.4.5.9 os command injection

A vulnerability, which was classified as critical, was found in Array ArrayOS AG up to 9.4.5.9. The affected element is

  

CVE-2025-34257 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/action/defined defined_name cross site scripting

A vulnerability has been found in Advantech WISE-DeviceOn Server up to 5.3 and classified as problematic. The impacted element is

  

CVE-2025-34258 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/devicemap/plan area name cross site scripting

A vulnerability was found in Advantech WISE-DeviceOn Server up to 5.3 and classified as problematic. This affects an unknown function

  

CVE-2025-34259 | Advantech WISE-DeviceOn Server up to 5.3 building Name cross site scripting

A vulnerability was found in Advantech WISE-DeviceOn Server up to 5.3. It has been classified as problematic. This impacts an

  

CVE-2025-34260 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/action/schedule cross site scripting

A vulnerability was found in Advantech WISE-DeviceOn Server up to 5.3. It has been declared as problematic. Affected is an

  

CVE-2025-34261 | Advantech WISE-DeviceOn Server up to 5.3 Device Group /rmm/v1/devicegroups/ name/description cross site scripting

A vulnerability was found in Advantech WISE-DeviceOn Server up to 5.3. It has been rated as problematic. Affected by this

  

CVE-2025-34262 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/devices/name/ new_name cross site scripting

A vulnerability categorized as problematic has been discovered in Advantech WISE-DeviceOn Server up to 5.3. Affected by this issue is

  

CVE-2025-34264 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/dog/ cross site scripting

A vulnerability identified as problematic has been detected in Advantech WISE-DeviceOn Server up to 5.3. This affects an unknown part

  

CVE-2025-34265 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/rule-engines min/max/unit cross site scripting

A vulnerability labeled as problematic has been found in Advantech WISE-DeviceOn Server up to 5.3. This vulnerability affects unknown code

  

CVE-2020-36880 | Flexsense DiskBoss 7.7.14 Reports/Data Directory memory corruption (Exploit 48689 / EDB-48689)

A vulnerability marked as critical has been reported in Flexsense DiskBoss 7.7.14. This issue affects some unknown processing. Performing manipulation

  

CVE-2025-34263 | Advantech WISE-DeviceOn Server up to 5.3 Configuration Data menus label/path cross site scripting

A vulnerability described as problematic has been identified in Advantech WISE-DeviceOn Server up to 5.3. Impacted is an unknown function

  

CVE-2025-34266 | Advantech WISE-DeviceOn Server up to 5.3 menus label/path cross site scripting

A vulnerability classified as problematic has been found in Advantech WISE-DeviceOn Server up to 5.3. The affected element is an

  

CVE-2025-12091 | Fast Simon Search, Filters & Merchandising for WooCommerce Plugin Deactivation wcis_save_email authorization

A vulnerability classified as problematic was found in Fast Simon Search, Filters & Merchandising for WooCommerce Plugin up to 3.0.63

  

CVE-2025-13626 | myLCO Plugin up to 0.8.1 on WordPress $_SERVER['PHP_SELF'] cross site scripting

A vulnerability, which was classified as problematic, has been found in myLCO Plugin up to 0.8.1 on WordPress. This affects

  

CVE-2025-13894 | CSV Sumotto Plugin up to 1.0 on WordPress $_SERVER['PHP_SELF'] cross site scripting

A vulnerability, which was classified as problematic, was found in CSV Sumotto Plugin up to 1.0 on WordPress. This impacts

  

CVE-2025-12673 | Flex QR Code Generator Plugin up to 1.2.6 on WordPress update_qr_code unrestricted upload

A vulnerability has been found in Flex QR Code Generator Plugin up to 1.2.6 on WordPress and classified as critical.

  

CVE-2025-12966 | All-in-One Video Gallery Plugin up to 4.5.4/4.5.7 on WordPress resolve_import_directory unrestricted upload

A vulnerability was found in All-in-One Video Gallery Plugin up to 4.5.4/4.5.7 on WordPress and classified as critical. Affected by

  

CVE-2025-13065 | Starter Templates Plugin up to 4.4.41 on WordPress WXR File unrestricted upload

A vulnerability was found in Starter Templates Plugin up to 4.4.41 on WordPress. It has been classified as critical. Affected

  

CVE-2025-13666 | Helloprint Plugin up to 2.1.2 on WordPress REST API Endpoint complete_order_from_helloprint_callback authorization

A vulnerability was found in Helloprint Plugin up to 2.1.2 on WordPress. It has been declared as problematic. This affects

  

CVE-2025-12574 | Directory Listing & Classifieds Plugin up to 3.0.0 on WordPress REST API Endpoint delete authorization

A vulnerability was found in Directory Listing & Classifieds Plugin and Listar – Directory Listing & Classifieds Plugin up to

  

CVE-2025-12577 | Directory Listing & Classifieds Plugin up to 3.0.0 on WordPress REST API Endpoint save authorization

A vulnerability categorized as problematic has been discovered in Directory Listing & Classifieds Plugin up to 3.0.0 on WordPress. This

  

CVE-2025-12721 | g-FFL Cockpit Plugin up to 1.7.1 on WordPress REST API Endpoint /server_status authorization

A vulnerability identified as problematic has been detected in g-FFL Cockpit Plugin up to 1.7.1 on WordPress. Impacted is an

  

CVE-2025-12720 | g-FFL Cockpit Plugin up to 1.7.1 on WordPress handle_enqueue_only improper authorization

A vulnerability labeled as critical has been found in g-FFL Cockpit Plugin up to 1.7.1 on WordPress. The affected element

  

CVE-2025-13748 | Fluent Forms Plugin up to 6.1.7 on WordPress confirmScaPayment submission_id resource injection

A vulnerability marked as problematic has been reported in Fluent Forms Plugin up to 6.1.7 on WordPress. The impacted element

  

CVE-2025-13309 | CodeConfig Accessiy Plugin up to 1.0.0 on WordPress Setting authorization

A vulnerability described as problematic has been identified in CodeConfig Accessiy Plugin up to 1.0.0 on WordPress. This affects an

  

CVE-2025-13358 | CodeConfig Accessiy Plugin up to 1.0.0 on WordPress Settings::createPage authorization

A vulnerability classified as critical has been found in CodeConfig Accessiy Plugin up to 1.0.0 on WordPress. This impacts the

  

CVE-2025-13377 | Booster Plugin up to 2.32.7 on WordPress get_cache_dir_for_page_from_url denial of service

A vulnerability classified as problematic was found in Booster Plugin up to 2.32.7 on WordPress. Affected is the function get_cache_dir_for_page_from_url.

  

CVE-2025-13137 | Live Sales Notification for Woocommerce Plugin up to 3.6.3 on WordPress woomotiv_limit cross site scripting

A vulnerability, which was classified as problematic, has been found in Live Sales Notification for Woocommerce Plugin up to 3.6.3

  

CVE-2025-12715 | Canadian Nutrition Facts Label Plugin up to 3.0 on WordPress percentage cross site scripting

A vulnerability, which was classified as problematic, was found in Canadian Nutrition Facts Label Plugin up to 3.0 on WordPress.

  

CVE-2025-13898 | Ultra Skype Button Plugin up to 1.0 on WordPress Shortcode ultra_skype btn_id cross site scripting

A vulnerability has been found in Ultra Skype Button Plugin up to 1.0 on WordPress and classified as problematic. This

  

CVE-2025-13899 | TR Timthumb Plugin up to 1.0.4 on WordPress Shortcode cross site scripting

A vulnerability was found in TR Timthumb Plugin up to 1.0.4 on WordPress and classified as problematic. This vulnerability affects

  

CVE-2025-12499 | Rich Shortcodes for Google Reviews Plugin up to 6.6.2/6.8 on WordPress Shortcode cross site scripting

A vulnerability was found in Rich Shortcodes for Google Reviews Plugin up to 6.6.2/6.8 on WordPress. It has been classified

  

CVE-2025-12717 | List Attachments Shortcode Plugin up to 0.4.1a on WordPress before_list cross site scripting

A vulnerability was found in List Attachments Shortcode Plugin up to 0.4.1a on WordPress. It has been declared as problematic.

  

CVE-2025-13907 | CSS3 Buttons Plugin up to 0.1 on WordPress Shortcode cross site scripting

A vulnerability was found in CSS3 Buttons Plugin up to 0.1 on WordPress. It has been rated as problematic. The

  

CVE-2025-13896 | Social Feed Gallery Portfolio Plugin up to 1.3 on WordPress Shortcode ID cross site scripting

A vulnerability categorized as problematic has been discovered in Social Feed Gallery Portfolio Plugin up to 1.3 on WordPress. The

  

CVE-2025-13308 | Application Passwords Plugin up to 0.1.3 on WordPress reject_url cross site scripting

A vulnerability identified as problematic has been detected in Application Passwords Plugin up to 0.1.3 on WordPress. This affects an

  

CVE-2025-13656 | Cute News Ticker Plugin up to 1.0 on WordPress Shortcode color cross site scripting

A vulnerability labeled as problematic has been found in Cute News Ticker Plugin up to 1.0 on WordPress. This impacts

  

CVE-2025-13863 | RevInsite Plugin up to 1.1.0 on WordPress Shortcode token cross site scripting

A vulnerability marked as problematic has been reported in RevInsite Plugin up to 1.1.0 on WordPress. Affected is an unknown

  

CVE-2025-13856 | Extra Post Images Plugin up to 1.0 on WordPress Shortcode ID cross site scripting

A vulnerability described as problematic has been identified in Extra Post Images Plugin up to 1.0 on WordPress. Affected by

  

CVE-2025-13629 | WP Landing Page Plugin up to 0.9.3 on WordPress wplp_api_update_text cross-site request forgery

A vulnerability classified as problematic has been found in WP Landing Page Plugin up to 0.9.3 on WordPress. Affected by

openSUSE: git-bug Important Update 2025-20143-1 CVE-2025-47911 DoS

An update that solves 7 vulnerabilities and has 7 bug fixes can now be installed. Source: LinuxSecurity – Security Advisories

openSUSE: libpng12-0 Moderate Security Update CVE-2025-64505 2025:15797-1

An update that solves one vulnerability can now be installed. Source: LinuxSecurity – Security Advisories

openSUSE Tumbleweed: go1.24 Moderate Issues Fix Advisory 2025:15796-1

An update that solves 2 vulnerabilities can now be installed. Source: LinuxSecurity – Security Advisories

  

Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025

On December 3, 2025, the React team released a security advisory regarding a vulnerability, CVE-2025-55182, in the React server that

Oracle Linux 10 ELSA-2025-21485: Java Moderate Threat DoS

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network. Source: LinuxSecurity – Security Advisories

Oracle Linux 10 ELSA-2025-21463 Kernel Moderate Threat Update

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network. Source: LinuxSecurity – Security Advisories

Oracle Linux 10: Important Firefox Security Advisory ELSA-2025-21281

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network. Source: LinuxSecurity – Security Advisories

Oracle Linux 10: ELSA-2025-21248 Openssl Moderate Fix Advisory

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network. Source: LinuxSecurity – Security Advisories

Oracle Linux 10 – ELSA-2025-21816 Delve Golang Moderate Threat

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network. Source: LinuxSecurity – Security Advisories

  

CVE-2025-66550 | Nextcloud Calendar up to 4.7.16/5.2.3 Attachment unexpected data type

A vulnerability identified as problematic has been detected in Nextcloud Calendar up to 4.7.16/5.2.3. This issue affects some unknown processing

  

CVE-2025-14139 | UTT 进取 520W 1.7.7-180627 formConfigDnsFilterGlobal strcpy timeRangeName buffer overflow

A vulnerability labeled as critical has been found in UTT 进取 520W 1.7.7-180627. Impacted is the function strcpy of the

  

CVE-2025-14140 | UTT 进取 520W 1.7.7-180627 /goform/websHostFilter strcpy addHostFilter buffer overflow

A vulnerability marked as critical has been reported in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy

  

CVE-2025-14141 | UTT 进取 520W 1.7.7-180627 formArpBindConfig strcpy pools buffer overflow

A vulnerability described as critical has been identified in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy

  

CVE-2025-66471 | urllib3 up to 2.5.x Streaming API data amplification

A vulnerability categorized as critical has been discovered in urllib3 up to 2.5.x. This affects an unknown function of the

  

CVE-2025-66418 | urllib3 up to 2.5.x allocation of resources (GHSA-gm62-xv2j-4w53)

A vulnerability identified as problematic has been detected in urllib3 up to 2.5.x. This impacts an unknown function. Performing manipulation

  

CVE-2025-65897 | zdh_web up to 5.6.17 unrestricted upload (ID 40)

A vulnerability labeled as critical has been found in zdh_web up to 5.6.17. Affected is an unknown function. Executing manipulation

  

CVE-2025-65036 | xwikisas xwiki-pro-macros up to 1.27.0 authorization

A vulnerability marked as critical has been reported in xwikisas xwiki-pro-macros up to 1.27.0. Affected by this vulnerability is an

  

CVE-2025-64053 | Fanvil x210 2.12.20 HTTP POST Request webconfig?page=upload&action=submit buffer overflow

A vulnerability described as critical has been identified in Fanvil x210 2.12.20. Affected by this issue is some unknown functionality

  

CVE-2025-65879 | Warehouse Management System 1.2 /goods/deleteGoods File.delete goodsimg path traversal

A vulnerability classified as critical has been found in Warehouse Management System 1.2. This affects the function File.delete of the

  

CVE-2025-14104 | util-linux setpwnam heap-based overflow

A vulnerability classified as critical was found in util-linux. This vulnerability affects the function setpwnam. Such manipulation leads to heap-based

  

CVE-2025-65878 | Warehouse Management System 1.2 Endpoint /file/showImageByPath path path traversal

A vulnerability, which was classified as problematic, has been found in Warehouse Management System 1.2. This issue affects some unknown

  

CVE-2025-66510 | Nextcloud Server/Enterprise Server Contacts Search exposure of private personal information to an unauthorized actor

A vulnerability, which was classified as problematic, was found in Nextcloud Server and Enterprise Server. Impacted is an unknown function

  

CVE-2025-66512 | Nextcloud Server/Server Enterprise cross site scripting

A vulnerability has been found in Nextcloud Server and Server Enterprise and classified as problematic. The affected element is an

  

CVE-2024-9183 | GitLab Community Edition/Enterprise Edition up to 18.4.4/18.5.2/18.6.0 toctou

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.4.4/18.5.2/18.6.0 and classified as problematic. The impacted

  

CVE-2025-66547 | Nextcloud Server/Enterprise Server up to 31.0.0 authorization

A vulnerability was found in Nextcloud Server and Enterprise Server up to 31.0.0. It has been classified as problematic. This

  

CVE-2025-66511 | Nextcloud Calendar up to 6.0.2 Meeting Proposal random values

A vulnerability was found in Nextcloud Calendar up to 6.0.2. It has been declared as problematic. This impacts an unknown

  

CVE-2025-66552 | Nextcloud Server/Enterprise Server up to 31.0.8/32.0.0 admin_audit App insufficient logging

A vulnerability was found in Nextcloud Server and Enterprise Server up to 31.0.8/32.0.0. It has been rated as problematic. Affected

  

CVE-2025-64054 | Fanvil x210 2.12.20 HTTP POST Request webconfig?page=upload&action=submit cross site scripting

A vulnerability categorized as problematic has been discovered in Fanvil x210 2.12.20. Affected by this vulnerability is an unknown functionality

  

CVE-2025-64052 | Fanvil x210 V2 2.12.20 System Command improper authentication

A vulnerability identified as critical has been detected in Fanvil x210 V2 2.12.20. Affected by this issue is some unknown

  

CVE-2025-12510 | Widgets for Google Reviews Plugin up to 13.2.4 on WordPress cross site scripting

A vulnerability labeled as problematic has been found in Widgets for Google Reviews Plugin up to 13.2.4 on WordPress. This

  

CVE-2025-13922 | Tag, Category, and Taxonomy Manager Plugin up to 3.40.1 on WordPress AJAX Endpoint existing_terms_orderby sql injection

A vulnerability marked as critical has been reported in Tag, Category, and Taxonomy Manager Plugin up to 3.40.1 on WordPress.

  

CVE-2025-11263 | Link Whisper Free Plugin up to 0.8.8 on WordPress Type cross site scripting

A vulnerability described as problematic has been identified in Link Whisper Free Plugin up to 0.8.8 on WordPress. This issue

  

CVE-2025-64374 | Motors Plugin up to 5.6.82 on WordPress Plugin Installation mvl_theme_install_base authorization

A vulnerability classified as critical has been found in Motors Plugin up to 5.6.82 on WordPress. Impacted is the function

  

CVE-2025-12505 | weDocs Plugin up to 2.1.14 on WordPress Setting create_item_permissions_check authorization

A vulnerability classified as problematic was found in weDocs Plugin up to 2.1.14 on WordPress. The affected element is the

  

CVE-2025-66546 | Nextcloud Calendar up to 4.7.18/5.5.5/6.0.0 authorization

A vulnerability, which was classified as problematic, has been found in Nextcloud Calendar up to 4.7.18/5.5.5/6.0.0. The impacted element is

  

CVE-2025-64188 | Soledad Plugin up to 8.6.9 on WordPress penci_update_option authorization

A vulnerability, which was classified as problematic, was found in Soledad Plugin up to 8.6.9 on WordPress. This affects the

  

CVE-2025-13857 | Yet Another WebClap Plugin up to 0.2 on WordPress Shortcode text cross site scripting

A vulnerability has been found in Yet Another WebClap Plugin up to 0.2 on WordPress and classified as problematic. This

  

CVE-2025-14126 | TOZED ZLT M30S/ZLT M30S PRO 1.47/3.09.06 Web Interface hard-coded credentials

A vulnerability was found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06 and classified as critical. Affected is an

  

CVE-2025-14133 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wireless_clientlist_setClientsName clientsname_0 stack-based overflow

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been classified as critical.

  

CVE-2025-14134 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so clientsname_0 stack-based overflow

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical.

  

CVE-2025-14135 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wired_clientlist_setClientsName clientsname_0 stack-based overflow

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical.

  

CVE-2025-14136 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so clientsname_0 stack-based overflow

A vulnerability categorized as critical has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability

Ubuntu 22.04 LTS: Linux Kernel Critical Security Vulnerability USN-7889-5

Several security issues were fixed in the Linux kernel. Source: LinuxSecurity – Security Advisories

Ubuntu 25.10: Linux GCP Kernel Critical Security Issues USN-7906-2

Several security issues were fixed in the Linux kernel. Source: LinuxSecurity – Security Advisories

Ubuntu 22.04: Linux Kernel Azure Important Security Flaws USN-7910-2

Several security issues were fixed in the Linux kernel. Source: LinuxSecurity – Security Advisories

Ubuntu 22.04: Important Linux Kernel Updates Addressing Security Flaws

Several security issues were fixed in the Linux kernel. Source: LinuxSecurity – Security Advisories

  

CVE-2025-6966 | Canonical python-apt deb822 File TagSection.keys null pointer dereference

A vulnerability labeled as problematic has been found in Canonical python-apt. The impacted element is the function TagSection.keys of the

  

CVE-2025-13654 | zevv Duc up to 1.4.5 buffer_get stack-based overflow

A vulnerability marked as critical has been reported in zevv Duc up to 1.4.5. This affects the function buffer_get. Performing

  

CVE-2025-14105 | TOZED ZLT M30S/ZLT M30S PRO 1.47/3.09.06 Web Interface /reqproc/proc_post goformId denial of service

A vulnerability described as problematic has been identified in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an

  

CVE-2025-14106 | ZSPACE Q2C NAS up to 1.1.0210050 HTTP POST Request /v2/file/safe/close zfilev2_api.CloseSafe safe_dir command injection

A vulnerability classified as critical has been found in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe

  

CVE-2025-14107 | ZSPACE Q2C NAS up to 1.1.0210050 HTTP POST Request /v2/file/safe/status zfilev2_api.SafeStatus safe_dir command injection

A vulnerability classified as critical was found in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the

  

CVE-2025-14108 | ZSPACE Q2C NAS up to 1.1.0210050 HTTP POST Request /v2/file/safe/open zfilev2_api.OpenSafe safe_dir command injection

A vulnerability, which was classified as critical, has been found in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this

  

CVE-2025-14111 | Rarlab RAR App up to 7.11 Build 127 on Android com.rarlab.rar path traversal

A vulnerability, which was classified as critical, was found in Rarlab RAR App up to 7.11 Build 127 on Android.

  

CVE-2025-14116 | xerrors Yuxi-Know up to 0.4.0 /src/models/embed.py OtherEmbedding.aencode health_url server-side request forgery

A vulnerability has been found in xerrors Yuxi-Know up to 0.4.0 and classified as critical. This vulnerability affects the function

  

CVE-2025-64057 | Fanvil x210 V2 2.12.20 System Configuration path traversal

A vulnerability was found in Fanvil x210 V2 2.12.20 and classified as critical. This issue affects some unknown processing of