📦 Blu Ic4 Firmware

This vulnerability in BLU-IC2 and BLU-IC4 email servers disables certificate verification, allowing man-in-the-middle attacks. Attackers can intercept and manipulate email traffic between affected ser...

This CVE describes a missing security headers vulnerability in BLU-IC2 and BLU-IC4 devices through version 1.19.5. Attackers can exploit this to conduct various web-based attacks like clickjacking, XS...

CVE-2025-12552 is a critical authentication vulnerability in BLU-IC2 and BLU-IC4 devices where insufficient password policies allow weak or default credentials. Attackers can gain administrative acces...

This vulnerability in BLU-IC2 and BLU-IC4 devices allows attackers to trigger systemic internal server errors (HTTP 500 responses) that could potentially lead to denial of service or information discl...

CVE-2025-12476 is a critical authentication bypass vulnerability affecting BLU-IC2 and BLU-IC4 devices. Attackers can access sensitive resources without credentials, potentially compromising entire sy...

This vulnerability allows attackers to obtain server version information from BLU-IC2 and BLU-IC4 devices. This information disclosure can facilitate further attacks by revealing system details that s...

This vulnerability allows local attackers to escalate privileges by exploiting a SUID-bit binary in BLU-IC2 and BLU-IC4 devices. Attackers can gain root-level access on affected systems running vulner...

This vulnerability allows attackers to write arbitrary files through a vulnerable upgrade feature in BLU-IC2 and BLU-IC4 devices. Successful exploitation could lead to obtaining super user (root) perm...

CVE-2025-12364 is a weak password policy vulnerability affecting BLU-IC2 and BLU-IC4 devices. This allows attackers to easily guess or brute-force passwords due to insufficient complexity requirements...

CVE-2025-12285 is a missing initial password change vulnerability affecting BLU-IC2 and BLU-IC4 devices. This allows attackers to access systems using default credentials that were never changed after...

This vulnerability allows attackers to manipulate mail configuration files and execute arbitrary commands on affected BLU-IC2 and BLU-IC4 devices. Attackers can achieve remote code execution with high...

This vulnerability involves BLU-IC2 and BLU-IC4 devices using the default SNMP community string 'public', which allows unauthorized access to SNMP services. Attackers can read sensitive system informa...

This critical vulnerability in Azure Access OS affects BLU-IC2 and BLU-IC4 devices, allowing attackers to potentially execute arbitrary code or gain unauthorized access. All systems running affected v...

CVE-2025-12176 involves undocumented administrative accounts being automatically created to facilitate application access on BLU-IC2 and BLU-IC4 devices. This allows attackers to gain unauthorized adm...

This vulnerability involves outdated UI dependencies in BLU-IC2 and BLU-IC4 devices that could allow attackers to execute arbitrary code or compromise system integrity. It affects all versions up to 1...

This CVE describes a resource allocation vulnerability in Azure Access Technology BLU-IC2 and BLU-IC4 devices that allows attackers to flood the system with requests, potentially causing denial of ser...

This vulnerability allows attackers to perform unauthorized actions on behalf of authenticated users by exploiting the lack of CSRF protection in BLU-IC2 and BLU-IC4 devices. Affected users include an...

A protocol manipulation vulnerability in BLU-IC2 and BLU-IC4 devices allows attackers to cause denial of service by sending specially crafted network traffic. This affects all versions up to 1.19.5 of...

This vulnerability allows unauthorized disclosure of email passwords in BLU-IC2 and BLU-IC4 devices. Attackers can potentially access sensitive email credentials stored or transmitted by these systems...

This CVE bundles multiple known vulnerabilities in BusyBox 1.31.1 affecting BLU-IC2 and BLU-IC4 devices up to version 1.19.5. The vulnerabilities could allow attackers to execute arbitrary code, escal...

This vulnerability involves a mismatch between the credits page and actual firmware versions in BLU-IC2 and BLU-IC4 devices, potentially allowing attackers to exploit version confusion for further att...

This vulnerability involves error messages being exposed in HTTP headers, potentially leaking sensitive information about the system. It affects BLU-IC2 and BLU-IC4 devices up to version 1.19.5. Attac...

This vulnerability in BLU-IC2 and BLU-IC4 web interfaces allows attackers to submit malicious input due to insufficient validation. It affects all versions up to 1.19.5 of these products. The lack of ...

A vulnerability in BLU-IC2 and BLU-IC4 devices allows malicious or malformed applications to be installed but not uninstalled, potentially leading to system unavailability. This affects all versions t...

This vulnerability in BLU-IC2 and BLU-IC4 devices allows information leakage through an enabled serial console, potentially exposing system details that could aid attackers in discovering additional v...

This vulnerability allows attackers to read sensitive cookies via JavaScript due to missing Secure and HttpOnly attributes. It affects BLU-IC2 and BLU-IC4 devices up to version 1.19.5, potentially exp...

This vulnerability allows attackers to inject malicious scripts into application manifests, which could lead to stored cross-site scripting (XSS) attacks when other users view the affected manifests. ...

This vulnerability allows HTML/JavaScript injection in API responses due to incorrect Content-Type headers. Attackers could potentially execute cross-site scripting (XSS) attacks against users accessi...