EUVD-2024-45180

Malicious code in bioql PyPI...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-36491

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...

Century Systems FutureNet NXR和Century Systems FutureNet VXR 安全漏洞

Century Systems FutureNet NXR and Century Systems FutureNet VXR are both a series of routers from Century Systems Japan. A security vulnerability exists in Century Systems FutureNet NXR and Century Systems FutureNet VXR that stems from improper handling of symbolic link files, which could allow a...

PT-2025-13560 · Futurenet · Futurenet Nxr Series

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series routers affected versions not specified Description: The issue exists due to improper handling of symbolic link files. An attacker can exploit this by attaching an external storage containing...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

CVE-2024-50357 affects FutureNet NXR series routers from Century Systems. The issue arises because REST-APIs are unintentionally enabled on startup when http-server (GUI) or Web authentication is enabled, even though REST-APIs are disabled by default. The factory default enables http-server (GUI)...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers

Overview FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-31070

CVE-2024-31070 affects Century Systems’ FutureNet NXR/VXR/WXR series. The vulnerability is an insecure default initialization that allows a remote unauthenticated attacker to access the Telnet service without limits. Affected devices expose Telnet due to default configuration and insecure resourc...

PT-2024-27018 · Futurenet · Futurenet Nxr Series

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series affected versions not specified Description: The issue concerns an active debug code vulnerability. If a user with knowledge of the debug function logs in, they may utilize the debug function to...

FutureNet NXR-G240 Series ShellShock Command Injection

-- coding: utf-8 -- Title: FutureNet NXR-G240 Series - "ShellShock" Remote Command Injection Date: 2018-06-12 Author: Nassim Asrir You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: http://www.centurysys.co.jp/ CVE: CVE-2014-6271 Greetz to : Nadia BENCHIKHA...