CVE-2025-22960

EPSS 0.26% · P50 Updated Mar 18, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-22960

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated attackers can access exposed log files (/logs/debug/xteLog*), potentially revealing sensitive session-related information such as session IDs (sess_id) and authentication success tokens (user_check_password OK). Exploiting this flaw could allow attackers to hijack active sessions, gain unauthorized access, and escalate privileges on affected devices.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GatesAir Maxiva 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GatesAir Maxiva是美国GatesAir公司的一系列发射器。 GatesAir Maxiva存在安全漏洞，该漏洞源于Web管理界面中存在会话劫持漏洞。未经身份验证的攻击者可以访问暴露的日志文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-22960

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-22960

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-02-13 · 37 CVEs total

CVE-2025-1094	8.1 HIGH	PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding valid
CVE-2024-37600	6.8 MEDIUM	Mercedes-Benz NTG 安全漏洞
CVE-2024-37602	4.6 MEDIUM	Mercedes-Benz NTG 安全漏洞
CVE-2024-37603		Mercedes-Benz NTG 安全漏洞
CVE-2023-34402		Mercedes-Benz NTG 安全漏洞
CVE-2023-34404		Mercedes-Benz NTG 安全漏洞
CVE-2023-34401		Mercedes-Benz NTG 安全漏洞
CVE-2023-34406		Mercedes-Benz NTG 安全漏洞
CVE-2023-34403		Mercedes-Benz NTG 安全漏洞
CVE-2024-37601		Mercedes-Benz NTG 安全漏洞
CVE-2023-34400		Mercedes-Benz NTG 安全漏洞
CVE-2024-56908		Perfex CRM 安全漏洞
CVE-2024-57782		docker-proxy 安全漏洞
CVE-2024-53310		Effectmatrix Total Video Converter Command Line 安全漏洞
CVE-2024-53309		EffectMatrix Total Video Converter Command Line 安全漏洞
CVE-2025-22961		GatesAir Maxiva 安全漏洞
CVE-2024-53311		Immunity Debugger 安全漏洞
CVE-2025-22962		GatesAir Maxiva 安全漏洞
CVE-2024-54951		Monica 安全漏洞
CVE-2025-25352		PHPGurukul Land Record System 安全漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-22960

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-22960

I. Basic Information for CVE-2025-22960

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-22960

III. Intelligence Information for CVE-2025-22960

Same Patch Batch · n/a · 2025-02-13 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-22960

Leave a comment