14 matches found
CVE-2025-14485
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-14485 EFM ipTIME A3004T Administrator Password timepro.cgi show_debug_screen command injection
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
EUVD-2025-202644
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-14485
CVE-2025-14485 affects EFM ipTIME A3004T 14.19.0. The vulnerability is in the Administrator Password Handler’s show_debug_screen function (file /sess-bin/timepro.cgi). Manipulating the argument aaksjdkfj with input !@dnjsrureljrm*& enables command injection remotely. Public exploit content is ind...
PT-2025-50570
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show debug screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-10389
A security flaw has been discovered in CRMEB up to 5.6.1. Impacted is the function Save of the file app/services/system/admin/SystemAdminServices.php of the component Administrator Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack may be...
CRMEB 授权问题漏洞
CRMEB is a Java mall system of CRMEB open source. An authorization issue vulnerability exists in CRMEB 5.6.1 and earlier versions, which stems from incorrect manipulation of the parameter ID of the component Administrator Password Handler in the file...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6097 UTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password change
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
VulnCheck KEV: CVE-2023-4169
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack...
CVE-2023-4169
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...
CVE-2023-4169 Ruijie RG-EW1200G Administrator Password set_passwd access control
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...
PT-2023-28048 · Ruijie · Ruijie Rg-Ew1200G
Name of the Vulnerable Software and Affected Versions: Ruijie RG-EW1200G version 1.01B1P5 Description: A critical issue has been found in the Administrator Password Handler component, specifically affecting an unknown functionality of the file "/api/sys/set passwd". This leads to improper access...