cbcvebase.

Dos Co Ltd Ss1 vulnerabilities

8 known vulnerabilities affecting dos_co_ltd/ss1.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-54762P2CRITICALCVSS 9.3vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Windows environment only)2025-08-28
CVE-2025-54762 [CRITICAL] CWE-434 CVE-2025-54762: SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated at SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
nvd
CVE-2025-53970P2CRITICALCVSS 9.3vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under Windows environment only)2025-08-28
CVE-2025-53970 [CRITICAL] CWE-434 CVE-2025-53970: SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated at SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
nvd
CVE-2025-58081P2HIGHCVSS 8.7vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under MacOS environment only)2025-08-28
CVE-2025-58081 [HIGH] CWE-259 CVE-2025-58081: Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier (Media version:16.0. Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to view arbitrary files with root privileges.
nvd
CVE-2025-58072P3HIGHCVSS 8.7vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under MacOS environment only)2025-08-28
CVE-2025-58072 [HIGH] CWE-22 CVE-2025-58072: Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 V Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker.
nvd
CVE-2025-46409P3HIGHCVSS 8.7vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier)2025-08-28
CVE-2025-46409 [HIGH] CWE-326 CVE-2025-46409: Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker.
nvd
CVE-2025-52460P3MEDIUMCVSS 6.9vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under Windows environment only)2025-08-28
CVE-2025-52460 [MEDIUM] CWE-552 CVE-2025-52460: Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier (M Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If exploited, uploaded files and SS1 configuration files may be accessed by a remote unauthenticated attacker.
nvd
CVE-2025-54819P3HIGHCVSS 7.1vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier)2025-08-28
CVE-2025-54819 [HIGH] CWE-22 CVE-2025-54819: Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 V Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker.
nvd
CVE-2025-53396P3HIGHCVSS 7.3vVer.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under MacOS environment only)2025-08-28
CVE-2025-53396 [HIGH] CWE-732 CVE-2025-53396: Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier), which may allow users who can log in to a client terminal to obtain root privileges.
nvd
Dos Co Ltd Ss1 vulnerabilities | cvebase