Vulnerability Database

315,294

Total vulnerabilities in the database

CVE-2025-60739

Cross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before, Logic Version v6.00 - 2025_07_21 allows a remote attacker to execute arbitrary code via the /bh_web_backend component

  • Published: Nov 25, 2025
  • Updated: Dec 31, 2025
  • CVE: CVE-2025-60739
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.6
  • AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
ilevia / eve_x1_server_firmware 4.7.18.0 4.7.18.0.x