CVE-2025-53703 is a high-severity confidentiality issue in DuraComm Corporation’s SPM-500 DP-10iN-100-MU. According to the CISA CSAF advisory published on 2025-07-22, the affected product transmits sensitive data without encryption over a channel that could be intercepted. DuraComm recommends updating to Version 4.10A to address the issue. For operators of the affected device, this is primarily a data exp [truncated]
CVE-2025-48733 is a high-severity availability issue in DuraComm’s SPM-500 DP-10iN-100-MU. CISA says the affected product lacks access controls for a function that should require user authentication, which could allow an attacker to repeatedly reboot the device. DuraComm recommends updating to Version 4.10A.
CVE-2025-41425 is a CISA-published advisory for a cross-site scripting (XSS) issue in DuraComm Corporation’s SPM-500 DP-10iN-100-MU, affecting version 4.10 and earlier. The vendor states that the issue could allow an attacker to prevent legitimate users from accessing the web interface. DuraComm recommends updating to Version 4.10A.
