Magewell CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-63952	1 Magewell	27 Convert, Pro Convert 12g Sdi 4k Plus, Pro Convert 12g Sdi 4k Plus Firmware and 24 more	2025-12-30	5.7 Medium
A Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create accounts via a crafted GET request.
CVE-2025-63953	1 Magewell	11 Convert, Ultra Encode Aio, Ultra Encode Aio Firmware and 8 more	2025-12-30	6.5 Medium
A Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create accounts via a crafted GET request.

Page 1 of 1.