cbcvebase.

Endruntechnologies Sonoma D12 Firmware vulnerabilities

12 known vulnerabilities affecting endruntechnologies/sonoma_d12_firmware.

Total CVEs
12
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-60957P2CRITICALCVSS 9.9v6010-0071-0002025-10-06
CVE-2025-60957 [CRITICAL] CWE-78 CVE-2025-60957: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
nvd
CVE-2025-60964P3CRITICALCVSS 9.1v6010-0071-0002025-10-06
CVE-2025-60964 [CRITICAL] CWE-78 CVE-2025-60964: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts.
nvd
CVE-2025-60965P3CRITICALCVSS 9.1v6010-0071-0002025-10-06
CVE-2025-60965 [CRITICAL] CWE-78 CVE-2025-60965: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts.
nvd
CVE-2025-60959P3HIGHCVSS 8.2v6010-0071-0002025-10-06
CVE-2025-60959 [HIGH] CWE-78 CVE-2025-60959: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information.
nvd
CVE-2025-60960P3HIGHCVSS 8.2v6010-0071-0002025-10-06
CVE-2025-60960 [HIGH] CWE-78 CVE-2025-60960: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
nvd
CVE-2025-60963P3HIGHCVSS 8.2v6010-0071-0002025-10-06
CVE-2025-60963 [HIGH] CWE-78 CVE-2025-60963: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
nvd
CVE-2025-60962P3HIGHCVSS 8.2v6010-0071-0002025-10-06
CVE-2025-60962 [HIGH] CWE-78 CVE-2025-60962: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6 OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts.
nvd
CVE-2025-60956P3HIGHCVSS 8.0v6010-0071-0002025-10-06
CVE-2025-60956 [HIGH] CWE-352 CVE-2025-60956: Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Serve Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information.
nvd
CVE-2025-60967P3HIGHCVSS 7.3v6010-0076-0002025-10-06
CVE-2025-60967 [HIGH] CWE-79 CVE-2025-60967: Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.
nvd
CVE-2025-60958P3HIGHCVSS 7.3v6010-0071-0002025-10-06
CVE-2025-60958 [HIGH] CWE-79 CVE-2025-60958: Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information.
nvd
CVE-2025-60969P4MEDIUMCVSS 5.7v6010-0076-0002025-10-06
CVE-2025-60969 [MEDIUM] CWE-22 CVE-2025-60969: Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 60 Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.
nvd
CVE-2025-60961P4MEDIUMCVSS 6.1v6010-0071-0002025-10-06
CVE-2025-60961 [MEDIUM] CWE-79 CVE-2025-60961: Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts.
nvd
Endruntechnologies Sonoma D12 Firmware vulnerabilities | cvebase