Browse all 6 CVE security advisories affecting TOZED. AI-powered Chinese analysis, POCs, and references for each vulnerability.
TOZED is a software provider primarily focused on enterprise resource planning (ERP) and business management solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented to date. Security researchers have identified authentication bypass flaws and insecure default configurations as recurring issues. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their web applications and APIs suggests potential risks for organizations relying on their platforms. Proper hardening and regular patching remain critical for mitigating exposure to known exploits targeting TOZED implementations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15083 | TOZED ZLT M30s UART on-chip debug and test interface with improper access control — ZLT M30sCWE-1191 | 2.0 | Low | 2025-12-25 |
| CVE-2025-15082 | TOZED ZLT M30s Web Management proc_post information disclosure — ZLT M30sCWE-200 | 5.3 | Medium | 2025-12-25 |
| CVE-2025-14126 | TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials — ZLT M30SCWE-798 | 8.8 | High | 2025-12-06 |
| CVE-2025-14105 | TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service — ZLT M30SCWE-404 | 4.3 | Medium | 2025-12-05 |
| CVE-2025-12917 | TOZED ZLT T10 Reboot proc_post denial of service — ZLT T10CWE-404 | 4.3 | Medium | 2025-11-09 |
| CVE-2025-5105 | TOZED ZLT W51 Service Port 7777 heap inspection — ZLT W51CWE-244 | 7.3 | High | 2025-05-23 |
This page lists every published CVE security advisory associated with TOZED. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.