CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

avtech

dgm1104_firmware

5 known vulnerabilities · sorted by CVSS score

CVE-2025-57198

HIGH8.8

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

avtech / dgm1104_firmware

Network

Published Dec 3, 2025

CVE-2025-57201

HIGH8.8

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

avtech / dgm1104_firmware

Network

Published Dec 3, 2025

CVE-2025-57199

HIGH8.8

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

avtech / dgm1104_firmware

Network

Published Dec 3, 2025

CVE-2025-57200

MEDIUM6.5

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

avtech / dgm1104_firmware

Network

Published Dec 3, 2025

CVE-2025-57202

MEDIUM6.1

A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.

avtech / dgm1104_firmware

Network

Published Dec 3, 2025