Lucene search
K

1348 matches found

Vulnrichment
Vulnrichment
added 2025/08/04 12:0 a.m.2 views

CVE-2025-44643

Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could...

6.8AI score0.00243EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/04 12:0 a.m.6 views

PT-2025-31818

Name of the Vulnerable Software and Affected Versions Draytek AP903 versions 1.4.18 Draytek AP912C version 1.4.9 Draytek AP918R version 1.4.9 Description The Draytek products are susceptible to insecure configurations due to hardcoded weak passwords within configuration files. Specifically, a wea...

9CVSS6.8AI score0.00243EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/04 12:0 a.m.10 views

CVE-2025-44643

Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could...

0.00243EPSS
Exploits0References1
CVE
CVE
added 2025/08/04 12:0 a.m.22 views

CVE-2025-44643

CVE-2025-44643 affects Draytek AP903 v1.4.18, AP912C v1.4.9, and AP918R v1.4.9 due to an insecure configuration: the ripd.conf password property sets a hardcoded weak password. This could allow a network-attached attacker to gain unauthorized control of the routing daemon and potentially alter ro...

8.6CVSS6.8AI score0.00243EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2025/08/03 8:39 p.m.6 views

Advisory ROSA-SA-2025-2909

software: freeradius 3.0.27 OS: ROSA-CHROME unaffected versions = freeradius-3.0.27-1 affected versions freeradius-3.0.27-1 CVE-ID: CVE-2024-3596 BDU-ID: 2024-05180 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RADIUS authentication protocol implementation involves bypassing the authenticati...

9CVSS9AI score0.14859EPSS
Exploits2
OpenVAS
OpenVAS
added 2025/06/27 12:0 a.m.4 views

Debian: Security Advisory (DLA-4232-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01171EPSS
Exploits0References2
Debian
Debian
added 2025/06/26 2:37 p.m.15 views

[SECURITY] [DLA 4232-1] freeradius security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4232-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA June 26, 2025 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.01171EPSS
Exploits0
OSV
OSV
added 2025/06/26 12:0 a.m.5 views

DLA-4232-1 freeradius - security update

Bulletin has no description...

7.5CVSS7.2AI score0.01171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/26 12:0 a.m.6 views

Debian dla-4232 : freeradius - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4232 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4232-1 [email protected]...

7.5CVSS7AI score0.01171EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/22 4:49 a.m.7 views

CVE-2019-18667

/usr/local/www/freeradiusviewconfig.php in the freeradius3 package before 0.15.73 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser...

6.1CVSS6.9AI score0.04002EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0087: freeradius:3.0 (ALINUX3-SA-2023:0087)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0087 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41859: In freeradius, the EAP-PWD...

7.5CVSS6.9AI score0.01171EPSS
Exploits0References4
OSV
OSV
added 2025/03/27 7:23 p.m.7 views

CLSA-2025-1743103421 freeradius: Fix of CVE-2024-3596

CVE-2024-3596: fix chosen-prefix collision attack against MD5 Response Authenticator signature that allowed malicious modification of valid RADIUS responses...

9CVSS7.3AI score0.14859EPSS
Exploits2References1
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.7 views

freeradius bug fix update

An update is available for freeradius. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRADIUS is a high-performance and highly configurable free Remote...

7.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-41861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...

6.5CVSS6.4AI score0.01103EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-41859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an...

7.5CVSS7.2AI score0.0086EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-10143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the...

7CVSS6.7AI score0.00345EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-8764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow. CVE-2015-8764 Note that Nessus relies on the presence ...

8.1CVSS8AI score0.01073EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-8763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted 1 commit or 2 confirm message, which trigger...

8.1CVSS7.9AI score0.01235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2015-4680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. CVE-2015-4680 Note that Nessus relies o...

7.5CVSS7.4AI score0.01791EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-10986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows DHCP - Infinite read in dhcpattr2vp and a denial of service. CVE-2017-10986 Note that Nessus relies on...

7.5CVSS7.2AI score0.02042EPSS
Exploits0References2
Rows per page
Query Builder