CVE-2025-15082 | TOZED ZLT M30s up to 1.47 Web Management Interface /reqproc/proc_post goformId information disclosure

Inserito da Angelo Barbosa | Dic 25, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/proc_post of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure.

This vulnerability is cataloged as CVE-2025-15082. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15082 | TOZED ZLT M30s up to 1.47 Web Management Interface /reqproc/proc_post goformId information disclosure

Post correlati

CVE-2024-29272 | VvvebJs up to 1.7.4 save.php sanitizeFileName Remote Code Execution (Issue 343)

CVE-2024-5437 | SourceCodester Simple Online Bidding System 1.0 index.php save_category name cross site scripting

CVE-2025-0473 | PMB Services PMB Platform 4.0.10 File Upload iimport_authorities cleanup

CVE-2025-1441 | wproyal Royal Elementor Addons and Templates Plugin up to 1.7.1007 on WordPress wpr_filter_woo_products cross-site request forgery