Browse all 5 CVE security advisories affecting Xorux. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xorux develops network monitoring and management software, primarily for IT infrastructure and unified communications systems. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The company has addressed several critical issues, including a high-severity RCE vulnerability in their SNMP monitoring tool and an XSS flaw in their web interface. While no major public security incidents have been widely reported, their CVE history indicates a pattern of vulnerabilities that could allow attackers to compromise systems, particularly in environments where their monitoring tools are deployed with elevated privileges.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54769 | KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal — LPAR2RRDCWE-24 | 8.8AI | HighAI | 2025-07-28 |
| CVE-2025-54768 | KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information — LPAR2RRDCWE-648 | 4.3AI | MediumAI | 2025-07-28 |
| CVE-2025-54767 | KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service — LPAR2RRDCWE-648 | 6.5AI | MediumAI | 2025-07-28 |
This page lists every published CVE security advisory associated with Xorux. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.