CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities

Software

Searching vulnerabilities affecting “newtec”

3 vulnerabilities found for “newtec”

CVE-2025-63210

CRITICAL9.8

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserName flow, the attacker can gain Superuser or Operator access without providing valid credentials.

newtec / celoxa504_firmware+1

Network

Published Nov 19, 2025

CVE-2022-45194

LOW3.8

CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure.

bruhn-newtech / cbrn-analysis

Adjacent

Published Nov 12, 2022

CVE-2022-45193

MEDIUM5.9

CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.

bruhn-newtech / cbrn-analysis

Local

Published Nov 12, 2022