CVE-2026-1354 Zero Motorcycles Firmware Key Exchange without Entity Authentication

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first b...

PT-2026-30259

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

CVE-2026-25072

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack authenticated sessions. Attackers can predict session identifiers using insufficiently random cook...

CVE-2023-22921

A cross-site scripting XSS vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00AARP.14C0 could allow a remote authenticated attacker with administrator privileges to store malicious scripts using a web management interface parameter, resulting in denial-of-service DoS condition...

PT-2023-8045 · Moxa · Iologik E1200 Series

Name of the Vulnerable Software and Affected Versions: ioLogik E1200 Series firmware versions v3.3 and prior Description: A weak cryptographic algorithm vulnerability has been identified, which can help an attacker compromise the confidentiality of sensitive data and may lead to unexpected...

PT-2022-4840 · Dataprobe · Dataprobe Iboot Pdu

Name of the Vulnerable Software and Affected Versions: Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 Description: The issue is related to the device's existing firmware, which allows unauthenticated users to access an old PHP page vulnerable to directory traversal. This may enable a user...

PT-2022-2829 · Sonicwall · Sonicwall Sma1000

Name of the Vulnerable Software and Affected Versions: SonicWall SMA1000 series firmware versions prior to 12.4.1-02965 Description: The issue is related to insufficient access control in the firmware of SonicWall SMA 1000 series firewalls. This can allow a remote attacker to gain unauthorized...

CVE-2021-20859

ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior,...

Cross-Site Scripting Vulnerability in Multiple Peplink Balance Products

Peplink Balance 305 and others are multi-exit load balancing routers for medium-sized businesses. A cross-site scripting vulnerability exists in various Peplink Balance products using firmware versions prior to fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A remote attacker can exploit...