📦

universal_traffic_recorder

Vendor: audi

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 10 Total Indexed

Avg. EPSS 0.08% Exploit Prob.

Latest CVE CVE-2025-45587 Sep 12

Security Vulnerability Index

Page 1 / 1

7.0 CVSS

CVE-2025-45587

A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

EPSS: 0.09%

Severity: HIGH

Sep 12, 2025

7.5 CVSS

CVE-2025-45586

RCE

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request.

EPSS: 0.09%

Severity: HIGH

Sep 12, 2025

5.4 CVSS

CVE-2025-45585

Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifi_sta_ssid or wifi_ap_ssid parameters.

EPSS: 0.04%

Severity: MEDIUM

Sep 12, 2025

7.5 CVSS

CVE-2025-45584

Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication.

EPSS: 0.07%

Severity: HIGH

Sep 12, 2025

9.1 CVSS

CVE-2025-45583

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.

EPSS: 0.09%

Severity: CRITICAL

Sep 12, 2025

Displaying 5 of 10 Total Entries

Total 1 Sections