Primary

Context

EZCast Pro II Improper Input Validation Vulnerability Allowing File Manipulation in Temporary Directory

Vulnerability

A vulnerability exists in the Admin UI of EZCast Pro II version 1.17478.146, where improper input validation allows attackers to manipulate files in the /tmp directory. This issue affects all versions of the EZCast Pro II Dongle from NimbleTech.

Impact

Exploitation of this vulnerability could lead to unauthorized file manipulation in the temporary directory, potentially allowing for further exploitation or disruption of the device's functionality.

Remediation

Users are advised to disconnect the dongle from the local network, limit usage to access point functionality, and change the default password. The National Cyber Security Centre NCSC has issued a warning regarding this vulnerability, advising users to take these immediate actions until a firmware patch is available.

Added: Jan 27, 2026, 10:21 AM

Updated: Jan 27, 2026, 3:10 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

8.3

relevance

2.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

8.3

relevance

2.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

EZCast Pro II Improper Input Validation Vulnerability Allowing File Manipulation in Temporary Directory

Vulnerability

Impact

Remediation

Affected Products

NimbleTech EZCast Pro II

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating