← back
CVE-2025-14014

Insecure File Upload in NTN Informatics' Smart Panel

CVSS 9.8 CRITICALEPSS 0.4%CWE-434
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
12 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Smart Panel: before 20251215.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H