Browse all 4 CVE security advisories affecting CarlinKit. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CarlinKit develops remote desktop and KVM switch solutions enabling device control across multiple platforms. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by their four recorded CVEs. These vulnerabilities often stem from improper input validation and insecure authentication mechanisms. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their software suggests ongoing challenges in secure coding practices. Users should implement network segmentation and apply patches promptly to mitigate potential risks associated with these security weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2765 | CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability — CPC200-CCPACWE-798 | 8.8 | - | 2025-04-23 |
| CVE-2025-2764 | CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability — CPC200-CCPACWE-347 | 8.8 | - | 2025-04-23 |
| CVE-2025-2763 | CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability — CPC200-CCPACWE-347 | 6.8 | - | 2025-04-23 |
| CVE-2025-2762 | CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability — CPC200-CCPACWE-1326 | 7.8 | - | 2025-04-23 |
This page lists every published CVE security advisory associated with CarlinKit. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.