Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

BLU-IC2 — Vulnerabilities & Security Advisories 39

All 39 CVE vulnerabilities found in BLU-IC2, with AI-generated Chinese analysis, references, and POCs.

Vendor: Azure Access Technology

CVE IDTitleCVSSSeverityPaused
CVE-2025-12603 /etc/timezone can be Arbitrarily Written CWE-787 7.1 -2025-11-01
CVE-2025-12602 /etc/avahi/services/z9.service can be Arbitrarily Written CWE-787 8.8 -2025-11-01
CVE-2025-12601 Denial of Service Due to SlowLoris CWE-730 7.5 -2025-11-01
CVE-2025-12600 Web UI Malfunction CWE-730 6.5 -2025-11-01
CVE-2025-12599 Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000) CWE-321 7.5 -2025-11-01
CVE-2025-12554 Missing Security Headers CWE-693--2025-10-31
CVE-2025-12553 Server Certificate Verification Disabled CWE-599 7.5 -2025-10-31
CVE-2025-12552 Insufficient Password Policy CWE-521 9.8 -2025-10-31
CVE-2025-12517 Credits Page not Matching Versions in Use in the Firmware CWE-448 5.4AIMediumAI2025-10-30
CVE-2025-12516 Lack of Graceful Error Handling - HTTP 5xx Error CWE-394 5.3AIMediumAI2025-10-30
CVE-2025-12515 Systemic Internal Server Errors - HTTP 500 Response CWE-394 6.5AIMediumAI2025-10-30
CVE-2025-12479 Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation CWE-352 8.1AIHighAI2025-10-29
CVE-2025-12478 Non-Compliant TLS Configuration CWE-326 9.1AICriticalAI2025-10-29
CVE-2025-12477 Server Version Disclosure CWE-306 4.3AIMediumAI2025-10-29
CVE-2025-12476 Resource Lacking AuthN CWE-306 9.1AICriticalAI2025-10-29
CVE-2025-12425 Local Privilege Escalation CWE-269 7.8AIHighAI2025-10-28
CVE-2025-12424 Privilege Escalation through SUID-bit Binary CWE-269 7.8AIHighAI2025-10-28
CVE-2025-12423 Denial of Service - Protocol Manipulation CWE-248 7.5AIHighAI2025-10-28
CVE-2025-12422 Vulnerable Upgrade Feature (Arbitrary File Write) CWE-22 8.8AIHighAI2025-10-28
CVE-2025-12365 Error Messages Wrapped In HTTP Header CWE-209 6.5AIMediumAI2025-10-27
CVE-2025-12364 Weak Password Policy CWE-521 9.8AICriticalAI2025-10-27
CVE-2025-12363 Email Password Disclosure CWE-200 6.5AIMediumAI2025-10-27
CVE-2025-12285 Missing Initial Password Change CWE-20 9.8 -2025-10-26
CVE-2025-12284 Lack of Input Validation CWE-20 9.4 -2025-10-26
CVE-2025-12275 Mail Configuration File Manipulation + Command Execution CWE-20 8.8 -2025-10-26
CVE-2025-12278 Logout Functionality not Working CWE-20 6.5 -2025-10-26
CVE-2025-12221 CSRF Token not Properly Implemented CWE-16 9.8 -2025-10-25
CVE-2025-12220 Busybox 1.31.1 - Multiple Known Vulnerabilities CWE-1395 9.8 -2025-10-25
CVE-2025-12219 Vulnerable Components in Azure Access OS CWE-1395 8.8 -2025-10-25
CVE-2025-12218 Weak Default Credentials CWE-1392 9.4 -2025-10-25

All 39 known CVE vulnerabilities affecting BLU-IC2 with full Chinese analysis, references, and POCs where available.