423 matches found
EUVD-2019-20136
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request. Attackers can access the rom-0 endpoint without authentication to retrieve and decompress the...
CVE-2019-25706 Across DR-810 ROM-0 Unauthenticated File Disclosure
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request. Attackers can access the rom-0 endpoint without authentication to retrieve and decompress the...
CVE-2019-25706 Across DR-810 ROM-0 Unauthenticated File Disclosure
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request. Attackers can access the rom-0 endpoint without authentication to retrieve and decompress the...
CVE-2019-25706
The CVE-2019-25706 entry concerns Across DR-810 routers with an unauthenticated ROM-0 backup file disclosure. An unauthenticated GET request to the rom-0 endpoint allows remote attackers to download and decompress the ROM-0 backup, exposing sensitive configuration data (including router passwords...
Across DR-810 安全漏洞
Across DR-810 is an enterprise-level software system developed by the Across company, designed for automating document processing and translation processes. There is a security vulnerability in Across DR-810, which stems from improper access control mechanisms, potentially leading to the leakage ...
CVE-2025-70998
UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...
CVE-2025-70998
UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...
PT-2026-20437
UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...
UTT HiPER 810 安全漏洞
UTT HiPER 810 is an intelligent broadband router produced by UTT Corporation. UTT HiPER 810 has a security vulnerability. This vulnerability stems from the use of insecure default credentials in the telnet service, which may allow remote attackers to obtain root access through a specially crafted...
CVE-2025-70998
UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...
CVE-2026-2135
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2026-2118
A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...
CVE-2026-2080
A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSysAdm of the file /goform/formUser. The manipulation of the argument passwd1 leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public an...
CVE-2026-2135
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2026-2135 UTT HiPER 810 formPdbUpConfig sub_43F020 command injection
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2026-2135 UTT HiPER 810 formPdbUpConfig sub_43F020 command injection
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
EUVD-2026-5813
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2026-2135
CVE-2026-2135 affects UTT HiPER 810, version 1.7.4-141218. The vulnerability exists in the function sub_43F020 of the file /goform/formPdbUpConfig, where manipulating the argument policyNames enables a remote command injection. Public exploits are available, enabling remote initiation with likely...
CVE-2026-2118
A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...
CVE-2026-2118 UTT HiPER 810 rehttpd formReleaseConnect sub_4407D4 command injection
A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...