CVE-2025-15587

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

EUVD-2025-208690

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

CVE-2025-15587

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

CVE-2025-65009

CVE-2025-65009 affects the WODESYS WD-R608U router (WDR122B V2.0 / WDR28). The admin password is stored in plaintext in a configuration file and can be accessed by an unauthorized user via direct reference to the resource. Only version WDR28081123OV1.01 has been tested and confirmed vulnerable; o...

PT-2020-10034 · Abb · Abb Asset Suite

Name of the Vulnerable Software and Affected Versions: ABB Asset Suite versions 9.0 through 9.3 ABB Asset Suite version 9.4 prior to 9.4.2.6 ABB Asset Suite version 9.5 prior to 9.5.3.2 ABB Asset Suite version 9.6.0 Description: The issue is related to insufficient access control in the web...

Chamilo LMS SQL Injection Vulnerability

Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from SQL injection vulnerabilities that stem from...