CVE-2021-28112

Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker...

CVE-2019-18869

Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17...

CVE-2023-49593

Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network request can lead to arbitrary command execution...

CVE-2022-38715

A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2025-15017

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access...

CVE-2025-15017

CVE-2025-15017 concerns serial device servers (notably Moxa NPort 5000 Series) where debugging code remains active in the UART interface. This allows a physically present attacker to connect to UART without authentication or user interaction, gaining unauthorized access to internal debug function...

EUVD-2025-205900

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access...

PT-2025-54287

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access...

CVE-2025-64983

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

SwitchBot Smart Video Doorbell vulnerable to active debug code

Overview Smart Video Doorbell provided by SwitchBot contains the following vulnerability. Active debug code CWE-489 - CVE-2025-64983 Researcher reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker on ...

CVE-2025-64983

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

CVE-2025-64983

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

CVE-2025-64983

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

CVE-2025-64983

CVE-2025-64983 concerns SwitchBot’s Smart Video Doorbell. Firmware versions prior to 2.01.078 reportedly include an active debug code that can be exploited to connect via Telnet, granting an attacker access to the device. The vulnerability directly enables unauthorized access on an adjacent netwo...

PT-2025-48126

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-54660

Fortinet FortiClientWindows is affected by an active debug code vulnerability in versions 7.0.0–7.4.3 and 7.2.0–7.2.10 that may allow a local attacker to execute the application step by step and retrieve the saved VPN user password. The linked Red Hat/NVD/CVE entries confirm the same impact. Ther...

PT-2025-47357

Name of the Vulnerable Software and Affected Versions Fortinet FortiClientWindows versions 7.0.0 through 7.4.3 Fortinet FortiClientWindows version 7.2.0 through 7.2.10 Description A debug code issue exists in FortiClientWindows that could allow a local attacker to execute the application step by...

EUVD-2025-93496

Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable data alteration. This result may potentially occur via local...