CVE-2026-22916

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

CVE-2026-22916

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

CVE-2026-22916

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

EUVD-2026-2817

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

PT-2026-2997

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

CVE-2026-22079

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

CVE-2023-29708

An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload...

CVE-2018-14994

The Essential Phone Android device with a build fingerprint of essential/mata/mata:8.1.0/OPM1.180104.166/297:user/release-keys contains a pre-installed platform app with a package name of com.ts.android.hiddenmenu versionName=1.0, platformBuildVersionName=8.1.0 that contains an exported activity...

CVE-2018-14989

The Plum Compass Android device with a build fingerprint of PLUM/c179hwf221/c179hwf221:6.0/MRA58K/W16.51.5-22:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-eng.root.20161223.224055 that contains an exported...

CVE-2018-18377

goform/setReset on Orange AirBox Y858FL01.1604 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials...

CVE-2018-18472

Western Digital WD My Book Live and WD My Book Live Duo all versions have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/languageconfiguration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the...

CVE-2021-0957

In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2026-22079

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

CVE-2026-22079 Cleartext Transmission Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

CVE-2026-22079

The PT-2026-2147 entry specifies that Tenda 300Mbps Wireless Router F3 and Tenda N300 Easy Setup Router are affected by a flaw where login credentials are transmitted in plaintext during the initial login or after a factory reset via the web-based interface. An attacker on the same network could ...

CVE-2022-23729

When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...

CVE-2017-12414

Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll...

CVE-2019-2113

In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...

CVE-2019-20551

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Attackers can bypass Factory Reset Protection FRP via a Class 0 Type Message. The Samsung ID is SVE-2019-14941 October 2019...

CVE-2019-20543

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via SamsungPay mini. The Samsung ID is SVE-2019-15090 November 2019...