Craftycontrol Crafty_controller

7 CVEs affecting Craftycontrol Crafty_controller. Latest disclosed: 2026-04-21. Critical: 3, High: 4.

Top CVEs affecting Craftycontrol Crafty_controller
CVESeverityScorePublishedSummary
CVE-2026-0963Critical9.92026-01-30An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform fil…
CVE-2025-14700Critical9.92025-12-17An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code exe…
CVE-2026-5652Critical9.02026-04-21An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modif…
CVE-2026-0805High8.22026-01-30An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tamper…
CVE-2025-5990High7.62025-06-15An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perfo…
CVE-2024-1064High7.52024-02-03A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Servi…
CVE-2025-14701High7.12025-12-17An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via ser…