CVE-2025-28395

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecroadasp function via the hostip parameter...

CVE-2025-28395

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecroadasp function via the hostip parameter...

CVE-2025-28395

creationtimestamp| type| source ---|---|--- 2025-04-01 13:32:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9894...

CVE-2025-28395

The CVE-2025-28395 entry concerns the D-Link DI-8100, version 16.07.26A1, with a Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Multiple sources (CNVD/CNNVD/NVD) describe that the vulnerability stems from inadequate validation of input length to ipsec_road_asp, potentia...

CVE-2025-28395

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecroadasp function via the hostip parameter...

CVE-2024-28395

SQL injection vulnerability in Best-Kit bestkitpopup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkitpopup.php component...

CVE-2024-28395

SQL injection vulnerability in Best-Kit bestkitpopup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkitpopup.php component...

CVE-2024-28395

CVE-2024-28395 affects Best-Kit Best-Kit Pop-up (bestkit_popup) for PrestaShop, with vulnerable versions 1.7.2 and earlier. Root cause is an SQL injection in bestkit_popup.php that enables remote privilege escalation. CVSSv3.1 details: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, yielding a base score of...

Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28395)

A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...

CVE-2023-28395

CVE-2023-28395 affects Osprey Pump Controller version 1.01. The vulnerability stems from a weak, low-entropy session token generation algorithm, enabling session ID predictability and potential authentication/authorization bypass, which could allow an attacker to hijack a session and gain unautho...

CVE-2020-28395

A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...

CVE-2020-28395

The CVE-2020-28395 entry affects Siemens SCALANCE X-200/X-200RNA and X-300 switch families (including SIPLUS NET variants) where a new unique private key is not created after factory reset (All versions before v3.2.7 for X-200RNA and before v4.1.0 for X-300). The underlying issue is use of hard-c...