camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers

A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...

CVE-2026-40620

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

CVE-2026-40620

SenseLive X3050 is affected by a network‑accessible vulnerability in its embedded management service that permits full administrative control without authentication or authorization. The issue enables any reachable host using a vendor or compatible client to modify critical configuration paramete...

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

SenseLive X3050 访问控制错误漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a access control vulnerability, which stems from the lack of authentication or authorization in the embedded management services. This...

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server embedded management engine from Lenovo China. It is primarily used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller, which stems from a specially constructed file upload that...

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller. An attacker can exploit the vulnerability to elevate privileges...

CVE-2018-1215

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1216

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

Hardcoded credentials

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1215

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1216

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2017-14375

EMC Unisphere for VMAX Virtual Appliance vApp versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management eManagement versions prior to and including 1.4 Enginuity Release...

Authentication flaw

EMC Unisphere for VMAX Virtual Appliance vApp versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management eManagement versions prior to and including 1.4 Enginuity Release...

Design/Logic Flaw

Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors iLO-2 MP, as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors...