← Back

Fanvil

fanvil

6 CVEs • 2 products

Products (2)

Click to collapse
Toggle
X210 Firmware
x210_firmware
6 CVEs
X210
x210
0 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-64056
1Fanvil
1X210 Firmware
Jan 9, 2026
Dec 5, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem.
CVE-2025-64054
1Fanvil
1X210 Firmware
Jan 9, 2026
Dec 5, 2025
N/A· v4
9.6 CRITICAL· v3
N/A· v2
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconf...Show more
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.Show less
CVE-2025-64053
1Fanvil
1X210 Firmware
Jan 9, 2026
Dec 5, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action...Show more
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.Show less
CVE-2025-64052
1Fanvil
1X210 Firmware
Dec 31, 2025
Dec 5, 2025
N/A· v4
5.1 MEDIUM· v3
N/A· v2
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands.
CVE-2025-64057
1Fanvil
1X210 Firmware
Jan 9, 2026
Dec 5, 2025
N/A· v4
8.3 HIGH· v3
N/A· v2
Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store files in arbitrary locations and potentially modify the system configuration or other unspecified...Show more
Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store files in arbitrary locations and potentially modify the system configuration or other unspecified impacts.Show less
CVE-2025-64055
1Fanvil
1X210 Firmware
Jan 9, 2026
Dec 3, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted auth...Show more
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.Show less