cb
cvebase
.
~
/
products
/
slican
/
ipl
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
slican
/
Slican Ipl
Slican Ipl vulnerabilities
1 known vulnerability affecting
slican/ipl
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2025-14577
P2
CRITICAL
CVSS 9.8
fixed in 6.61.0010
2026-02-24
CVE-2025-14577 [CRITICAL] CWE-306 CVE-2025-14577: Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote a Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to execute arbitrary PHP commands by sending specially crafted requests to /webcti/session_ajax.php endpoint. This issue was fixed in version 1.24.0190 (Slican NCP) and 6.61.0010 (Slican IPL/IPM/IPU).
nvd
Slican Ipl vulnerabilities | cvebase