Lucene search
K

235 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-22544

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.4 views

CVE-2025-9269

A Server-Side Request Forgery SSRF vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerabili...

6.9CVSS6.8AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 6:15 p.m.5 views

CVE-2025-9269

A Server-Side Request Forgery SSRF vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerabili...

6.9CVSS0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 5:21 p.m.7 views

CVE-2025-9269 Server-Side Request Forgery (SSRF) vulnerability found in embedded web server

A Server-Side Request Forgery SSRF vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerabili...

6.9CVSS0.0031EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 5:21 p.m.14 views

CVE-2025-9269

Lexmark devices with the embedded web server are affected by CVE-2025-9269 (SSRF). The vulnerability allows an attacker to coerce the device into issuing arbitrary HTTP requests to a third-party server, potentially enabling internal network access or data disclosure. CVSSv4 base score 6.9 (networ...

6.9CVSS6.3AI score0.0031EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.5 views

PT-2025-36901

Name of the Vulnerable Software and Affected Versions: Lexmark devices affected versions not specified Description: A Server-Side Request Forgery SSRF vulnerability exists in the embedded web server of Lexmark devices. An attacker can exploit this issue to make the device send an arbitrary HTTP...

6.9CVSS6.2AI score0.0031EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.5 views

Netgear SPH200D 安全漏洞

The Netgear SPH200D is a wireless Internet phone from Netgear USA. The Netgear SPH200D suffers from a directory traversal vulnerability that can be exploited by an attacker to view arbitrary files on the system by sending a crafted URL request...

6.9CVSS6.6AI score0.00892EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.6 views

EmbedThis GoAhead 跨站脚本漏洞

EmbedThis GoAhead is an embedded web server software from EmbedThis, Inc. A cross-site scripting vulnerability exists in EmbedThis GoAhead version 2.5, which stems from HTML injection of the name parameter...

7.2CVSS6.2AI score0.00524EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/24 8:53 p.m.9 views

CVE-2025-6260 Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...

9.8CVSS0.00463EPSS
Exploits0References1
CVE
CVE
added 2025/07/24 8:53 p.m.27 views

CVE-2025-6260

CVE-2025-6260 affects Network Thermostat X-Series WiFi Thermostats: the embedded web server can be reached unauthenticated over LAN or via Internet-exposed router, enabling an attacker to reset user credentials by manipulating the web interface. The exact vulnerable versions are not specified in ...

9.8CVSS6.5AI score0.00463EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.8 views

The vulnerability of the formLanSetupRouterSettings() function in D-Link DIR-513 router microprogramming software, a built-in web server, allows a hacker to cause a service failure.

The vulnerability of the formLanSetupRouterSettings function in the embedded web server of D-Link’s DIR-513 router software is related to the issue where data is written out of the buffer into memory when processing the curTime parameter. Exploiting this vulnerability could allow a remote attacke...

9CVSS7.9AI score0.01153EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.3 views

Network Thermostat X-Series WiFi thermostats 访问控制错误漏洞

Network Thermostat X-Series WiFi thermostats is a WiFi only thermostat from Network Thermostat, Inc. An access control error vulnerability exists in Network Thermostat X-Series WiFi thermostats that stems from an embedded web server that allows an unauthorized attacker to reset user credentials b...

9.8CVSS6.5AI score0.00463EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/24 12:0 a.m.8 views

The vulnerability in the embedded web server microprogramming software of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers allows a hacker to induce a service failure.

The vulnerability in the embedded web server microprogramming software of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor t...

9CVSS7.9AI score0.0081EPSS
Exploits1References10Affected Software4
RedhatCVE
RedhatCVE
added 2025/05/22 8:44 a.m.8 views

CVE-2019-6326

HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow...

7.2CVSS6.8AI score0.01712EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:44 a.m.8 views

CVE-2019-6325

HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server that is potentially vulnerable to Cross-site Request Forgery...

8.8CVSS6.8AI score0.00983EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:44 a.m.7 views

CVE-2019-6324

HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...

4.8CVSS5.8AI score0.00701EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 a.m.7 views

CVE-2019-19773

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content=TE935=en=ENUS...

5.4CVSS5.9AI score0.00653EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.6 views

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content=TE935=en=ENUS...

5.4CVSS6.1AI score0.00653EPSS
Exploits0References1
NVD
NVD
added 2025/05/21 8:15 p.m.9 views

CVE-2025-36535

The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...

10CVSS0.01007EPSS
Exploits0References2
CVE
CVE
added 2025/05/21 7:52 p.m.89 views

CVE-2025-36535

CVE-2025-36535 affects AutomationDirect MB-Gateway. The embedded web server lacks authentication/access controls, allowing unrestricted remote access that could enable configuration changes, operational disruption, or arbitrary code execution depending on exposure. Public sources (NVD, CVE listin...

10CVSS8.1AI score0.01007EPSS
Exploits0References2
Rows per page
Query Builder