GCVE - cpe:2.3:o:avtech:dgm1104_firmware:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:avtech:dgm1104_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Avtech (`064374b9-08a7-5b62-a2bd-77f43f7d6e76`)
Product	Dgm1104 Firmware (`c27c8938-99f1-559e-adff-0ec79649d3ab`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-57202`	vulnerable	2026-06-03 15:04:59.679910	Details available A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field. Published: 2025-12-03T00:00:00.000Z Updated: 2025-12-03T16:28:28.381Z Open on db.gcve.eu Reference links http://avtech.com http://dmg1104.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2025-57202	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-57201`	vulnerable	2026-06-03 15:04:59.679541	Details available AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input. Published: 2025-12-03T00:00:00.000Z Updated: 2025-12-03T15:57:34.057Z Open on db.gcve.eu Reference links http://avtech.com http://dgm1104.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2025-57201	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-57200`	vulnerable	2026-06-03 15:04:59.679265	Details available AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input. Published: 2025-12-03T00:00:00.000Z Updated: 2025-12-03T15:45:48.937Z Open on db.gcve.eu Reference links http://avtech.com http://dgm1104.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2025-57200	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-57199`	vulnerable	2026-06-03 15:04:59.678695	Details available AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input. Published: 2025-12-03T00:00:00.000Z Updated: 2025-12-03T16:11:02.836Z Open on db.gcve.eu Reference links http://avtech.com http://dgm1104.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2025-57199	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-57198`	vulnerable	2026-06-03 15:04:59.677137	Details available AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input. Published: 2025-12-03T00:00:00.000Z Updated: 2025-12-03T16:05:10.617Z Open on db.gcve.eu Reference links http://avtech.com http://dgm1104.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2025-57198	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.