Lucene search
K

691 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.7 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 4:16 p.m.6 views

CVE-2026-20115

A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulnerability is due to a device configuration upload being performed over an insecure tunnel. An attacker could exploit this vulnerability by...

6.1CVSS0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/18 9:30 a.m.7 views

EUVD-2026-12794

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...

7.1CVSS5.9AI score0.00178EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 7:35 a.m.6 views

CVE-2026-22323

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...

7.1CVSS5.9AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/16 4:55 p.m.24 views

CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS0.0011EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 2:20 p.m.5 views

CVE-2026-4216

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

5.3CVSS0.00103EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/11 6:31 a.m.3 views

EUVD-2026-11101

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References3
NVD
NVD
added 2026/03/11 6:17 a.m.3 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS0.00558EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 5:25 a.m.9 views

CVE-2026-27842

CVE-2026-27842 affects Micro Research MR-GM5L-S1 and MR-GM5A-L1. The issue is an authentication bypass (CWE-288 per JVNDB) that could let an attacker bypass authentication and change device configuration. Severity is reflected as CRITICAL in multiple sources, with CVSSv3.0/4.0 scores indicating n...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 5:25 a.m.2 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS5.8AI score0.00558EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 5:25 a.m.3 views

EUVD-2026-11102

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/11 5:25 a.m.29 views

CVE-2026-27842

Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration...

9.8CVSS0.00558EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.4 views

PT-2026-24580

Name of the Vulnerable Software and Affected Versions MR-GM5L-S1 MR-GM5A-L1 Description An authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration. Recommendations At the moment, there is no...

9.8CVSS7.3AI score0.00558EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/03/07 12:20 a.m.27 views

CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS0.00512EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:20 p.m.3 views

CVE-2026-27849

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/02/20 5:21 p.m.28 views

CVE-2026-2832 Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure

Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization...

5.3CVSS0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 5:21 p.m.12 views

CVE-2026-2832

The advisory concerns Samsung MultiXpress Multifunction Printers. The vulnerability is an information disclosure through certain APIs that may allow access to address book entries and other device configuration without proper authorization. Affected component: firmware on Samsung MultiXpress devi...

5.3CVSS5.4AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.4 views

PT-2026-21280

Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization...

5.3CVSS5.4AI score0.00155EPSS
Exploits0References2
Hewlett-Packard
Hewlett-Packard
added 2026/02/20 12:0 a.m.8 views

Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure

Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other device configuration information through specific APIs without proper authorization. Update your printer firmware...

5.3CVSS5.4AI score0.00155EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/02/15 5:40 p.m.181 views

Exploit for Missing Authentication for Critical Function in Paloaltonetworks Pan-Os

PAN-OS Stored XSS — Incomplete Sanitization of a Known-Bad Var...

9.8CVSS5.8AI score0.99698EPSS
Exploits16
Rows per page
Query Builder