Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for LANSCOPE Endpoint Manager On-Premises Edition by MOTEX Inc.

    JVNDB-2026-000026

    Vulnerability from jvndb - Published: 2026-02-25 15:14 - Updated:2026-02-25 15:14
    Severity
    Summary
    Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal
    Details
    Lanscope Endpoint Manager (On-Premises) provided by MOTEX Inc. contains the following vulnerability.
    • Path traversal (CWE-22) - CVE-2026-25785
    The following people reported this vulnerability to MOTEX Inc. and coordinated with the vendor. After the coordination was completed, MOTEX Inc. reported the case to IPA in order to notify users of the solution through JVN. Reporter: Kazuki Furukawa, Yuma Taki, Kota Takeda, Ippei Kakurai, Masaaki Chida, Denis Faiustov of GMO Cybersecurity by Ierae, Inc.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000026.html",
      "dc:date": "2026-02-25T15:14+09:00",
      "dcterms:issued": "2026-02-25T15:14+09:00",
      "dcterms:modified": "2026-02-25T15:14+09:00",
      "description": "Lanscope Endpoint Manager (On-Premises) provided by MOTEX Inc. contains the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/22.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003ePath traversal (CWE-22) - CVE-2026-25785\u003c/li\u003e\u003c/ul\u003eThe following people reported this vulnerability to MOTEX Inc. and coordinated with the vendor. After the coordination was completed, MOTEX Inc. reported the case to IPA in order to notify users of the solution through JVN.\r\nReporter: Kazuki Furukawa, Yuma Taki, Kota Takeda, Ippei Kakurai, Masaaki Chida, Denis Faiustov of GMO Cybersecurity by Ierae, Inc.",
      "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000026.html",
      "sec:cpe": {
        "#text": "cpe:/a:motex:lanscope_endpoint_manager_on-premises_edition",
        "@product": "LANSCOPE Endpoint Manager On-Premises Edition",
        "@vendor": "MOTEX Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "9.8",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2026-000026",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN79096585/index.html",
          "@id": "JVN#79096585",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-25785",
          "@id": "CVE-2026-25785",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        }
      ],
      "title": "Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal"
    }

    JVNDB-2025-000088

    Vulnerability from jvndb - Published: 2025-10-20 16:17 - Updated:2025-10-22 10:06
    Severity
    Summary
    Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel
    Details
    Lanscope Endpoint Manager (On-Premises) provided by MOTEX Inc. contains the following vulnerability.
    • Improper verification of source of a communication channel (CWE-940) - CVE-2025-61932
    MOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and MOTEX Inc. coordinated under the Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000088.html",
      "dc:date": "2025-10-22T10:06+09:00",
      "dcterms:issued": "2025-10-20T16:17+09:00",
      "dcterms:modified": "2025-10-22T10:06+09:00",
      "description": "Lanscope Endpoint Manager (On-Premises) provided by MOTEX Inc. contains the following vulnerability.\r\n\u003cul\u003e\u003cli\u003eImproper verification of source of a communication channel (CWE-940) - CVE-2025-61932\u003c/li\u003e\u003c/ul\u003e\r\nMOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and MOTEX Inc. coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000088.html",
      "sec:cpe": {
        "#text": "cpe:/a:motex:lanscope_endpoint_manager_on-premises_edition",
        "@product": "LANSCOPE Endpoint Manager On-Premises Edition",
        "@vendor": "MOTEX Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "9.8",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-000088",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN86318557/index.html",
          "@id": "JVN#86318557",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61932",
          "@id": "CVE-2025-61932",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel"
    }