Universal Traffic Recorder Firmware

universal_traffic_recorder_firmware

Vendor: Audi • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-45587 1Audi 1Universal Traffic Recorder Firmware Oct 16, 2025 Sep 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-45586 1Audi 1Universal Traffic Recorder Firmware Oct 16, 2025 Sep 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request.
CVE-2025-45585 1Audi 1Universal Traffic Recorder Firmware Oct 16, 2025 Sep 12, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid o...Show more Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid or wifi_ap_ssid parameters.Show less
CVE-2025-45584 1Audi 1Universal Traffic Recorder Firmware Oct 16, 2025 Sep 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication.
CVE-2025-45583 1Audi 1Universal Traffic Recorder Firmware Oct 16, 2025 Sep 12, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.