Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

tcis-3

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-59818
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
ShareView Details
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
CVSS Score-10||CRITICAL
EPSS-0.13% / 32.57%
||
7 Day CHG+0.03%
Published-04 Feb, 2026 | 10:26
Updated-11 Feb, 2026 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Code Execution via the file name of an uploaded file

This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.

Action-Not Available
Vendor-zenitelZenitel
Product-tcis-3_firmwaretcis-3TCIS-3+
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-64091
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
ShareView Details
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
CVSS Score-8.6||HIGH
EPSS-0.06% / 18.43%
||
7 Day CHG+0.01%
Published-09 Jan, 2026 | 10:00
Updated-12 Feb, 2026 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Code Execution in the NTP-configuration

This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of the device.

Action-Not Available
Vendor-zenitelZenitel
Product-tcis-3_firmwaretcis-3TCIS-3+
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-64090
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
ShareView Details
Assigner-National Cyber Security Centre Netherlands (NCSC-NL)
CVSS Score-10||CRITICAL
EPSS-0.09% / 24.97%
||
7 Day CHG+0.01%
Published-09 Jan, 2026 | 09:59
Updated-12 Feb, 2026 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Code Execution in device hostname

This vulnerability allows authenticated attackers to execute commands via the hostname of the device.

Action-Not Available
Vendor-zenitelZenitel
Product-tcis-3_firmwaretcis-3TCIS-3+
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')