SecAlerts
CVE ListPricingSign Up
tiandy logo

tiandy

Security Risk Profile

41
/100
medium

Security Risk Score

Comprehensive risk assessment based on 14 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from October 11, 2017 to present

14
Total CVEs
3
Critical+High
0
Exploited
3
Unpatched

Threat Assessment

Avg CVSS
6.7
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
3
Critical/High
Risk Level
41/100
medium
🆕 2Fresh (<7d)📈 3 in Last 30 Days

Severity Distribution

Critical
0
High
3
Medium
11
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
11

Age Distribution

Common Weaknesses (CWE)

1
SQL Injection
6
2
OS Command Injection
2
3
Command Injection
2
4
Malicious File Upload
2
5
SSRF
1

Most Affected Products

1. Tiandy Easy7 Integrated Management Platform9
2. Tiandy Video Surveillance System2
3. Tiandy Integrated Management Platform1
4. Tiandy Easy7 CMS1
5. Tiandy Easy7 CMS Windows1

Recent Vulnerabilities

See more →
CVE-2026-9466
CVSS 5.3medium

Tiandy Easy7 Integrated Management Platform API Endpoint updateUserPassword password recovery

5/25/2026🔧 No Patch
CVE-2026-9465
CVSS 7.3high

Tiandy Easy7 Integrated Management Platform GetDBDataEx.jsp sql injection

5/25/2026🔧 No Patch
CVE-2026-7698
CVSS 5.5EPSS 2%medium

Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection

5/3/2026🔧 No Patch
CVE-2026-4585
CVSS 8.9EPSS 0%high

Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection

3/23/2026🔧 No Patch
CVE-2026-4289
CVSS 6.9EPSS 0%medium

Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection

3/17/2026🔧 No Patch
CVE-2026-4288
CVSS 6.9EPSS 0%medium

Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection

3/17/2026🔧 No Patch
CVE-2026-4287
CVSS 6.9EPSS 0%medium

Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection

3/16/2026🔧 No Patch
CVE-2026-4232
CVSS 6.9EPSS 0%medium

Tiandy Integrated Management Platform getAuthorityByUserId sql injection

3/16/2026🔧 No Patch
CVE-2026-4221
CVSS 6.9EPSS 0%medium

Tiandy Easy7 Integrated Management Platform Endpoint uploadLedImage unrestricted upload

3/16/2026🔧 No Patch
CVE-2026-4187
CVSS 5.5EPSS 0%medium

Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication

3/15/2026🔧 No Patch

Monitor tiandy in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.