216.73.217.86

CVE-2026-25819

· Published 13/03/2026 19:54 · Modified 13/03/2026 19:54

Labels: CVE-2026-25819 2026-03-13CVE-2026-25819CWE-400[email protected]

Essential information

Published
13/03/2026 19:54
Modified
13/03/2026 19:54
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service by using a specially crafted HTTP request that leads to a reboot of the device, provided they have access to the device's GUI.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
hms networks / ewon flexy cpe:2.3:a:hms_networks:ewon_flexy:<15.0s4:*:*:*:*:*:*:*
hms networks / cosy+ cpe:2.3:a:hms_networks:cosy+:<22.1s6:*:*:*:*:*:*:*
hms networks / cosy+ cpe:2.3:a:hms_networks:cosy+:<23.0s3:*:*:*:*:*:*:*

References