Spectrum

spectrum

Vendor: Loftware • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-37234 1Loftware 1Spectrum Sep 18, 2024 Sep 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Loftware Spectrum through 4.6 has unprotected JMX Registry.
CVE-2023-37233 1Loftware 1Spectrum Sep 18, 2024 Sep 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
CVE-2023-37232 1Loftware 1Spectrum Sep 18, 2024 Sep 10, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
CVE-2023-37231 1Loftware 1Spectrum May 29, 2025 Sep 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
CVE-2023-37230 1Loftware 1Spectrum Jul 10, 2025 Sep 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
CVE-2023-37229 1Loftware 1Spectrum Jul 3, 2025 Sep 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Loftware Spectrum before 5.1 allows SSRF.
CVE-2023-37227 1Loftware 1Spectrum May 29, 2025 Sep 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.
CVE-2023-37226 1Loftware 1Spectrum May 29, 2025 Sep 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.