Search

Find a vulnerability

Search criteria

    14 vulnerabilities by EZCast

    CVE-2026-24348 (GCVE-0-2026-24348)

    Vulnerability from nvd – Published: 2026-01-27 09:31 – Updated: 2026-01-27 14:37
    VLAI
    Title
    Multiple cross-site scripting vulnerabilities in EZCast Pro II Dongle
    Summary
    Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24348",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:35:20.611846Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:37:02.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users."
                }
              ],
              "value": "Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:31:19.110Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-145332"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple cross-site scripting vulnerabilities in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24348",
        "datePublished": "2026-01-27T09:31:19.110Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T14:37:02.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24347 (GCVE-0-2026-24347)

    Vulnerability from nvd – Published: 2026-01-27 09:22 – Updated: 2026-01-27 14:53
    VLAI
    Title
    Arbitrary file write to /tmp directory in EZCast Pro II Dongle
    Summary
    Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24347",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:50:04.082901Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:53:25.851Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory"
                }
              ],
              "value": "Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:22:38.550Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-32806"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary file write to /tmp directory in EZCast Pro II Dongle",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24347",
        "datePublished": "2026-01-27T09:22:38.550Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T14:53:25.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24346 (GCVE-0-2026-24346)

    Vulnerability from nvd – Published: 2026-01-27 09:18 – Updated: 2026-01-27 15:21
    VLAI
    Title
    Use of well-known default credentials in EZCast Pro II Dongle
    Summary
    Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24346",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T15:14:28.146647Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T15:21:10.523Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application"
                }
              ],
              "value": "Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:18:57.833Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-13993"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Use of well-known default credentials in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All users are encouraged to change the admin password upon first use."
                }
              ],
              "value": "All users are encouraged to change the admin password upon first use."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24346",
        "datePublished": "2026-01-27T09:18:57.833Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T15:21:10.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24345 (GCVE-0-2026-24345)

    Vulnerability from nvd – Published: 2026-01-27 09:13 – Updated: 2026-01-27 15:22
    VLAI
    Title
    Cross-Site Request Forgery in EZCast Pro II Dongle
    Summary
    Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24345",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T15:22:11.847821Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T15:22:21.306Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI"
                }
              ],
              "value": "Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-62",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-62 Cross Site Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:13:27.664Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-32832"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Cross-Site Request Forgery in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24345",
        "datePublished": "2026-01-27T09:13:27.664Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T15:22:21.306Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24344 (GCVE-0-2026-24344)

    Vulnerability from nvd – Published: 2026-01-27 09:04 – Updated: 2026-01-27 14:25
    VLAI
    Title
    Multiple Buffer Overflows in EZCast Pro II Dongle
    Summary
    Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:24:24.341887Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:25:06.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple\u0026nbsp;Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution"
                }
              ],
              "value": "Multiple\u00a0Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            },
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:04:34.750Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-68873"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Buffer Overflows in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24344",
        "datePublished": "2026-01-27T09:04:34.750Z",
        "dateReserved": "2026-01-22T12:55:22.577Z",
        "dateUpdated": "2026-01-27T14:25:06.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13955 (GCVE-0-2025-13955)

    Vulnerability from nvd – Published: 2025-12-10 08:30 – Updated: 2026-05-28 12:30
    VLAI
    Title
    Predictable Default Wi-Fi Password in EZCast Pro II Dongle
    Summary
    Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-330 - Use of Insufficiently Random Values
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 0 , < 1.17478.177 (custom)
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13955",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-10T14:51:15.511995Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-10T14:52:44.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "lessThan": "1.17478.177",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Predictable default Wi-Fi Password in Access Point functionality in\u0026nbsp;EZCast Pro II\u0026nbsp;before version 1.17478.177\u0026nbsp;allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers"
                }
              ],
              "value": "Predictable default Wi-Fi Password in Access Point functionality in\u00a0EZCast Pro II\u00a0before version 1.17478.177\u00a0allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-330",
                  "description": "CWE-330 Use of Insufficiently Random Values",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T12:30:10.125Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://www.nimbletech.com.tw/index.php/release-note/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade the firmware to version 1.17478.177 or later."
                }
              ],
              "value": "Upgrade the firmware to version 1.17478.177 or later."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Predictable Default Wi-Fi Password in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, all users are advised to change the default password in the management UI."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, all users are advised to change the default password in the management UI."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2025-13955",
        "datePublished": "2025-12-10T08:30:36.364Z",
        "dateReserved": "2025-12-03T13:26:04.173Z",
        "dateUpdated": "2026-05-28T12:30:10.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13954 (GCVE-0-2025-13954)

    Vulnerability from nvd – Published: 2025-12-10 08:29 – Updated: 2026-05-28 12:25
    VLAI
    Title
    Hard-coded cryptographic keys in EZCast Pro II Dongle
    Summary
    Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 0 , < 1.17478.177 (custom)
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13954",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-10T15:03:53.281182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-10T15:04:05.435Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "lessThan": "1.17478.177",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI"
                }
              ],
              "value": "Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:H/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T12:25:28.232Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://www.nimbletech.com.tw/index.php/release-note/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade the firmware to version 1.17478.177 or later."
                }
              ],
              "value": "Upgrade the firmware to version 1.17478.177 or later."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hard-coded cryptographic keys in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface"
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2025-13954",
        "datePublished": "2025-12-10T08:29:51.188Z",
        "dateReserved": "2025-12-03T13:26:03.328Z",
        "dateUpdated": "2026-05-28T12:25:28.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24348 (GCVE-0-2026-24348)

    Vulnerability from cvelistv5 – Published: 2026-01-27 09:31 – Updated: 2026-01-27 14:37
    VLAI
    Title
    Multiple cross-site scripting vulnerabilities in EZCast Pro II Dongle
    Summary
    Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24348",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:35:20.611846Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:37:02.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users."
                }
              ],
              "value": "Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:31:19.110Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-145332"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple cross-site scripting vulnerabilities in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24348",
        "datePublished": "2026-01-27T09:31:19.110Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T14:37:02.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24347 (GCVE-0-2026-24347)

    Vulnerability from cvelistv5 – Published: 2026-01-27 09:22 – Updated: 2026-01-27 14:53
    VLAI
    Title
    Arbitrary file write to /tmp directory in EZCast Pro II Dongle
    Summary
    Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24347",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:50:04.082901Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:53:25.851Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory"
                }
              ],
              "value": "Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:22:38.550Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-32806"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary file write to /tmp directory in EZCast Pro II Dongle",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24347",
        "datePublished": "2026-01-27T09:22:38.550Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T14:53:25.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24346 (GCVE-0-2026-24346)

    Vulnerability from cvelistv5 – Published: 2026-01-27 09:18 – Updated: 2026-01-27 15:21
    VLAI
    Title
    Use of well-known default credentials in EZCast Pro II Dongle
    Summary
    Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24346",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T15:14:28.146647Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T15:21:10.523Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application"
                }
              ],
              "value": "Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:18:57.833Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-13993"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Use of well-known default credentials in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All users are encouraged to change the admin password upon first use."
                }
              ],
              "value": "All users are encouraged to change the admin password upon first use."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24346",
        "datePublished": "2026-01-27T09:18:57.833Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T15:21:10.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24345 (GCVE-0-2026-24345)

    Vulnerability from cvelistv5 – Published: 2026-01-27 09:13 – Updated: 2026-01-27 15:22
    VLAI
    Title
    Cross-Site Request Forgery in EZCast Pro II Dongle
    Summary
    Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Redguard AG Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24345",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T15:22:11.847821Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T15:22:21.306Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Redguard AG"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI"
                }
              ],
              "value": "Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-62",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-62 Cross Site Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:13:27.664Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-32832"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Cross-Site Request Forgery in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24345",
        "datePublished": "2026-01-27T09:13:27.664Z",
        "dateReserved": "2026-01-22T12:55:22.578Z",
        "dateUpdated": "2026-01-27T15:22:21.306Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24344 (GCVE-0-2026-24344)

    Vulnerability from cvelistv5 – Published: 2026-01-27 09:04 – Updated: 2026-01-27 14:25
    VLAI
    Title
    Multiple Buffer Overflows in EZCast Pro II Dongle
    Summary
    Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 1.17478.146
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T14:24:24.341887Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-27T14:25:06.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.17478.146"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple\u0026nbsp;Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution"
                }
              ],
              "value": "Multiple\u00a0Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            },
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T09:04:34.750Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "url": "https://hub.ntc.swiss/ntcf-2025-68873"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Buffer Overflows in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2026-24344",
        "datePublished": "2026-01-27T09:04:34.750Z",
        "dateReserved": "2026-01-22T12:55:22.577Z",
        "dateUpdated": "2026-01-27T14:25:06.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13955 (GCVE-0-2025-13955)

    Vulnerability from cvelistv5 – Published: 2025-12-10 08:30 – Updated: 2026-05-28 12:30
    VLAI
    Title
    Predictable Default Wi-Fi Password in EZCast Pro II Dongle
    Summary
    Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-330 - Use of Insufficiently Random Values
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 0 , < 1.17478.177 (custom)
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13955",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-10T14:51:15.511995Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-10T14:52:44.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "lessThan": "1.17478.177",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Predictable default Wi-Fi Password in Access Point functionality in\u0026nbsp;EZCast Pro II\u0026nbsp;before version 1.17478.177\u0026nbsp;allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers"
                }
              ],
              "value": "Predictable default Wi-Fi Password in Access Point functionality in\u00a0EZCast Pro II\u00a0before version 1.17478.177\u00a0allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-330",
                  "description": "CWE-330 Use of Insufficiently Random Values",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T12:30:10.125Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://www.nimbletech.com.tw/index.php/release-note/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade the firmware to version 1.17478.177 or later."
                }
              ],
              "value": "Upgrade the firmware to version 1.17478.177 or later."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Predictable Default Wi-Fi Password in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, all users are advised to change the default password in the management UI."
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, all users are advised to change the default password in the management UI."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2025-13955",
        "datePublished": "2025-12-10T08:30:36.364Z",
        "dateReserved": "2025-12-03T13:26:04.173Z",
        "dateUpdated": "2026-05-28T12:30:10.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13954 (GCVE-0-2025-13954)

    Vulnerability from cvelistv5 – Published: 2025-12-10 08:29 – Updated: 2026-05-28 12:25
    VLAI
    Title
    Hard-coded cryptographic keys in EZCast Pro II Dongle
    Summary
    Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    EZCast EZCast Pro II Affected: 0 , < 1.17478.177 (custom)
    Create a notification for this product.
    Credits
    Swiss National Test Institute for Cybersecurity NTC Swiss National Cybersecurity Centre
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13954",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-10T15:03:53.281182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-10T15:04:05.435Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "EZCast Pro II",
              "vendor": "EZCast",
              "versions": [
                {
                  "lessThan": "1.17478.177",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Swiss National Test Institute for Cybersecurity NTC"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Swiss National Cybersecurity Centre"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI"
                }
              ],
              "value": "Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:H/SA:N/AU:Y/RE:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T12:25:28.232Z",
            "orgId": "455daabc-a392-441d-aa46-37d35189897c",
            "shortName": "NCSC.ch"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://www.nimbletech.com.tw/index.php/release-note/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade the firmware to version 1.17478.177 or later."
                }
              ],
              "value": "Upgrade the firmware to version 1.17478.177 or later."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hard-coded cryptographic keys in EZCast Pro II Dongle",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface"
                }
              ],
              "value": "Until a firmware patch is made available by the vendor, users are advised to disconnect the dongle from their local network and limit its use strictly to Access Point functionality to minimize the attack surface"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
        "assignerShortName": "NCSC.ch",
        "cveId": "CVE-2025-13954",
        "datePublished": "2025-12-10T08:29:51.188Z",
        "dateReserved": "2025-12-03T13:26:03.328Z",
        "dateUpdated": "2026-05-28T12:25:28.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }