PT-2025-48998 · Fanvil · Fanvil X210 V2
Published
2025-12-03
·
Updated
2025-12-04
·
CVE-2025-64055
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Fanvil x210 V2 version 2.12.20
Description
An issue exists in Fanvil x210 V2 version 2.12.20 that allows unauthenticated attackers on the local network to access administrative functions of the device. These functions include file upload, firmware update, and reboot. The issue is due to a crafted authentication bypass.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fanvil X210 V2