These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-34518 is a relative path traversal issue in Ilevia EVE X1 Server firmware. An attacker can read arbitrary files through get_file_content.php, and the supplied advisory says Ilevia declined to service the issue and recommends keeping port 8080 off the internet-facing perimeter.
CVE-2025-34517 is a high-severity file-read vulnerability in Ilevia EVE X1 Server firmware. CISA’s advisory says an absolute path traversal issue in get_file_content.php can let an attacker read arbitrary files. The vendor guidance focuses on reducing exposure: do not expose port 8080 to the internet, close it on devices and routers, and use the secure access option in the updated Ilevia Manager.
CVE-2025-34513 is a critical unauthenticated OS command injection vulnerability in Ilevia EVE X1 Server firmware, specifically in mbus_build_from_csv.php. CISA’s advisory states the issue can allow arbitrary code execution over the network and assigns a 9.8 CVSS score. The advisory also notes that Ilevia declined to service the vulnerability and recommends that customers avoid exposing port 8080 to the internet.
CVE-2025-34512 is a reflected cross-site scripting issue in Ilevia EVE X1 Server firmware, affecting index.php. According to the CISA advisory, an unauthenticated attacker can trigger the flaw. Ilevia declined to service the vulnerability and advises customers not to expose port 8080 to the internet.
CVE-2025-34187 is a critical privilege-escalation issue in Ilevia EVE X1/X5 Server. CISA’s advisory says a sudoers misconfiguration allows passwordless execution of certain Bash scripts; if an attacker can modify those scripts or influence command execution, they may replace them with malicious content and obtain full root access. Because the published CVSS vector is network-facing and requires no privile [truncated]
CVE-2025-34186 is a critical authentication flaw in Ilevia EVE X1/X5 Server. According to the CISA CSAF advisory published on 2026-02-05, unsanitized input reaches a system() call used during authentication, and the binary treats non-zero exit codes as successful authentication. That combination allows remote attackers to bypass login controls and gain full access to the system.
CVE-2025-34185 affects Ilevia EVE X1 Server and allows pre-authentication file disclosure through the db_log POST parameter. Because the issue is reachable remotely and requires no authentication, attackers may be able to retrieve arbitrary files from the server. The supplied advisory notes potential exposure of sensitive system information and credentials, making this a high-priority confidentiality risk [truncated]
CVE-2025-34184 affects the Ilevia EVE X1 Server and is a critical unauthenticated OS command injection issue. According to the CISA advisory published on 2026-02-05, remote attackers can inject payloads into the /ajax/php/login.php script via the passwd HTTP POST parameter and cause arbitrary system command execution. The documented impact includes full system compromise or denial of service.
CVE-2025-34183 is a critical Ilevia EVE X1 Server vulnerability where server-side logging can expose plaintext credentials in .log files. Because the exposed credentials can be reused, an unauthenticated remote attacker may bypass authentication and gain system-level access.