Lucene search
+L

20 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

9.8CVSS5.5AI score0.00547EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. There are security vulnerabilities in the T3 Technology CPE models version 1.0.07 and the T6825G version 1.0.03. These vulnerabilities stem from unrecorded debug CGI endpoints,...

9.6CVSS5.8AI score0.00466EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. The T3 Technology CPE models, including versions v1.0.07, T6825G v1.0.03, and T7281 v1.0.03, contain security vulnerabilities. These vulnerabilities stem from the hardcoded...

9.8CVSS8.4AI score0.00421EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.8 views

CVE-2026-35906

An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrary system commands as root via supplying a crafted HTTP query string...

9.6CVSS6.1AI score0.00466EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46240

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.19 views

Jointelli 5G CPE 21H01 安全漏洞

The Jointelli 5G CPE 21H01 is a router from the Chinese company Jointelli. A security vulnerability exists in the Jointelli 5G CPE 21H01 JY21H01A3v1.36 version, which stems from the presence of OS command injection on multiple endpoints that could lead to the execution of arbitrary commands...

7.4CVSS7.6AI score0.01058EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.9 views

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

5.9CVSS7.1AI score0.00465EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.7 views

The vulnerability of the DNSServer software’s microprogramming system in Wi-Fi amplifiers, subscriber terminals, DSL/Ethernet CPE routers allows a perpetrator to execute arbitrary commands.

The vulnerability of the DNSServer software, a microprogramming-based system for Wi-Fi amplifiers, subscriber terminals, Fiber ONTs, and DSL/Ethernet CPEs exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows an attacker operating remotely to...

9CVSS5.8AI score0.01128EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.5 views

The vulnerability of Zyxel CPE series network device microprogramming software lies in the use of rigidly encrypted login credentials, which allows attackers to execute arbitrary codes.

The vulnerability of Zyxel network device software of the CPE series is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using the default login credentials...

10CVSS8.4AI score0.1354EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

Arcadyan Meteor 2 CPE 安全漏洞

Arcadyan Meteor 2 CPE is a high-end home integrated access device from China Smart Arcadyan. A security vulnerability exists in the Arcadyan Meteor 2 CPE FG360 Firmware ETV version 2.10. An attacker can exploit the vulnerability to execute arbitrary code via a specially crafted request...

8.7CVSS7.6AI score0.0061EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.8 views

The vulnerabilities of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, DSL/Ethernet CPE routers allow attackers to cause service interruptions.

The vulnerability of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, and DSL/Ethernet CPE routers lies in the fact that the operation data is exposed beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS5.7AI score0.00431EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:38 p.m.4 views

CVE-2024-34210

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter...

7.3CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

TOTOLINK CPE CP450 安全漏洞

TOTOLINK CPE CP450 is an outdoor wireless client terminal device from China Gion Electronics TOTOLINK, which is mainly used to provide wireless broadband access services, especially for wireless network coverage in rural or remote areas. The TOTOLINK CPE CP450 suffers from a buffer overflow...

8.8CVSS8.1AI score0.00909EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.5 views

PT-2024-21072 · Avsystem · Avsystem Unified Management Platform

Name of the Vulnerable Software and Affected Versions: AVSystem Unified Management Platform UMP version 23.07.0.16567LTS Description: The issue is related to improper input validation, which can result in unauthenticated Customer Premises Equipment CPE devices storing arbitrarily large amounts of...

5.9CVSS7AI score0.00465EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.9 views

The vulnerability of the CPE WAN Management Protocol (TR-069) software implementation for centralized device management in the Zyxel Cloud network, enabled by SecuManager, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CPE WAN Management Protocol TR-069 software for centralized device management in the Zyxel Cloud environment is related to the use of strictly encrypted credentials during the processing of SSH keys. The exploit allows an attacker to gain unauthorized access to protected...

7.8CVSS7.2AI score0.00738EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2017/12/20 8:29 p.m.5 views

CVE-2017-6094

CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a certain "chk" value 48bit derived from the MAC. The algorithm used to compute the "chk" was disclosed ...

9.8CVSS5.8AI score0.01186EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.7 views

The vulnerability of the add_pseudoheader function in the Dnsmasq DNS server allows a hacker to cause a service failure.

The vulnerability of the addpseudoheader function in the Dnsmasq DNS server arises from the loss of a significant number of bits in cases where parameters addmac, addcpeid, or addsubnet are specified. Exploiting this vulnerability allows a malicious actor to cause a service failure through a...

7.8CVSS7.7AI score0.66347EPSS
Exploits5References22Affected Software1
Cisco
Cisco
added 2015/06/22 2:53 p.m.36 views

Cisco IOS Software UBR Devices IPv6 to IPv4 Subsystem Denial of Service Vulnerability

A vulnerability in the IPv6 to IPv4 subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a standby Performance Routing Engine PRE to leak a small portion of memory on a targeted system, resulting in a denial of service DoS condition. The vulnerability is due to...

7.8CVSS6.5AI score0.03456EPSS
Exploits0References1
Cisco
Cisco
added 2015/06/22 2:53 p.m.23 views

Cisco IOS Software UBR Devices IPv6 to IPv4 Subsystem Denial of Service Vulnerability

A vulnerability in the IPv6 to IPv4 subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a Performance Routing Engine PRE crash on a targeted system, resulting in a denial of service DoS condition. The vulnerability is due to a race condition that may cause a...

7.1CVSS6.3AI score0.02124EPSS
Exploits0References1
securityvulns
securityvulns
added 2002/05/24 12:0 a.m.32 views

Security Advisory: CBOS - Improving Resilience to DoS Attacks

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: CBOS - Improving Resilience to Denial-of-Service Attacks ========================================================================= Revision 1.0 For Public Release 2002 May 23 16:00 UTC+0000 -...

7.3AI score
Exploits0
Rows per page
Query Builder