Broadcom Dx Netops Spectrum vulnerabilities

10 known vulnerabilities affecting broadcom/dx_netops_spectrum.

Total CVEs

10

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH4MEDIUM2LOW4

Vulnerabilities

Page 1 of 1

CVE-2025-69273HIGHCVSS 8.7fixed in 24.3.11v24.3.10 and earlier2026-01-12

CVE-2025-69273 [HIGH] CWE-287 CVE-2025-69273: Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authen Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.

CVE-2025-69275HIGHCVSS 7.1fixed in 24.3.10v24.3.9 and earlier2026-01-12

CVE-2025-69275 [HIGH] CWE-79 CVE-2025-69275: Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windo Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier.

CVE-2025-69267HIGHCVSS 8.8fixed in 24.3.9v24.3.8 and earlier2026-01-12

CVE-2025-69267 [HIGH] CWE-22 CVE-2025-69267: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadc Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

CVE-2025-69269HIGHCVSS 7.1fixed in 23.3.7v23.3.6 and earlier2026-01-12

CVE-2025-69269 [HIGH] CWE-78 CVE-2025-69269: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier.

CVE-2025-69272MEDIUMCVSS 5.3fixed in 21.2.2v21.2.1 and earlier2026-01-12

CVE-2025-69272 [MEDIUM] CWE-319 CVE-2025-69272: Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Wind Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier.

CVE-2025-69268MEDIUMCVSS 5.3fixed in 24.3.9v24.3.8 and earlier2026-01-12

CVE-2025-69268 [MEDIUM] CWE-79 CVE-2025-69268: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

CVE-2025-69271LOWCVSS 2.3fixed in 25.4.1v24.3.13 and earlier2026-01-12

CVE-2025-69271 [LOW] CWE-522 CVE-2025-69271: Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.

CVE-2025-69270LOWCVSS 2.3fixed in 24.3.9v24.3.8 and earlier2026-01-12

CVE-2025-69270 [LOW] CWE-598 CVE-2025-69270: Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectr Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

CVE-2025-69274LOWCVSS 2.3fixed in 24.3.11v24.3.10 and earlier2026-01-12

CVE-2025-69274 [LOW] CWE-639 CVE-2025-69274: Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Win Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier.

CVE-2025-69276LOWCVSS 2.3fixed in 25.4.1v24.3.13 and earlier2026-01-12

CVE-2025-69276 [LOW] CWE-502 CVE-2025-69276: Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux all Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.