CVE Daily

CVE-2019-19144

XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53...

Critical CVSS 9.8

Overview

XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53631 Build304) devices via rest/Users?action=authenticate.

CWE: CWE-776 Published: 2025-08-01T16:15:37.243
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: xxe (tag impact: MODERATE)

Recommended actions:

  • Disable external entities in XML parsers; use safe libraries.

Recommended tools

Tags