Jamie Riden

Researcher fromNetSPI
#8755of 53,633
31.2Total CVSS
Vulnerabilities · 5
Medium
4
Critical
1
PT-2025-9270
9.8
2025-03-03
Unknown · Oxidized-Web · CVE-2025-27590
**Name of the Vulnerable Software and Affected Versions** oxidized-web versions prior to 0.15.0 **Description** The issue allows an unauthenticated user to gain control over the Linux user account running the software through the RANCID migration page. **Recommendations** For versions prior to 0.15.0, update to version 0.15.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the RANCID migration page until the update is applied.
PT-2019-7660
5.2
2019-08-08
NetGear · Netgear Ex7000 · CVE-2016-10864
**Name of the Vulnerable Software and Affected Versions** NETGEAR EX7000 version 1.0.0.42 1.0.94 **Description** The issue allows for XSS via the SSID. **Recommendations** For NETGEAR EX7000 version 1.0.0.42 1.0.94, consider changing the SSID to a value that does not contain malicious code as a temporary workaround until a patch is available.
PT-2019-8419
4.3
2019-08-08
Cognitoys · Cognitoys Dino · CVE-2017-18484
**Name of the Vulnerable Software and Affected Versions** Cognitoys Dino devices (affected versions not specified) **Description** The issue allows for XSS via the SSID. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-8420
5.8
2019-08-08
Cognitoys · Cognitoys Dino · CVE-2017-18485
**Name of the Vulnerable Software and Affected Versions** Cognitoys Dino devices (affected versions not specified) **Description** The issue allows for a CSRF attack on the profiles add.html page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-8418
6.1
2019-08-07
Annke · Annke Sp1 Hd Wireless Camera · CVE-2017-18483
**Name of the Vulnerable Software and Affected Versions** ANNKE SP1 HD wireless camera version 3.4.1.1604071109 **Description** The issue allows for cross-site scripting (XSS) attacks via a crafted SSID. This means an attacker could potentially inject malicious code into the device by manipulating the SSID, which could lead to unauthorized access or control of the device. **Recommendations** For ANNKE SP1 HD wireless camera version 3.4.1.1604071109, consider changing the SSID to a secure value and avoid using any user-provided input for the SSID until a patch is available. As a temporary workaround, restrict access to the device's web interface to minimize the risk of exploitation.