Iptime A8004t Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Iptime A8004t Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-55423 — CVSS 9.8 (critical): A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to…
CVE-2026-1740 — CVSS 7.3 (high): A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file /cgi/timepro.cgi of…
CVE-2026-1741 — CVSS 6.6 (medium): A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpcon_check_session_url of the file /sess-bin/d.cgi…
CVE-2026-1742 — CVSS 4.7 (medium): A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncli_file_upload of…