16 matches found
EUVD-2024-45180
Malicious code in bioql PyPI...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
CVE-2024-36491
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...
PT-2025-13560 · Futurenet · Futurenet Nxr Series
Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series routers affected versions not specified Description: The issue exists due to improper handling of symbolic link files. An attacker can exploit this by attaching an external storage containing...
Century Systems FutureNet NXR和Century Systems FutureNet VXR 安全漏洞
Century Systems FutureNet NXR and Century Systems FutureNet VXR are both a series of routers from Century Systems Japan. A security vulnerability exists in Century Systems FutureNet NXR and Century Systems FutureNet VXR that stems from improper handling of symbolic link files, which could allow a...
CVE-2024-50357
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...
CVE-2024-50357
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...
CVE-2024-50357
CVE-2024-50357 affects FutureNet NXR series routers from Century Systems. The issue arises because REST-APIs are unintentionally enabled on startup when http-server (GUI) or Web authentication is enabled, even though REST-APIs are disabled by default. The factory default enables http-server (GUI)...
CVE-2024-50357
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...
REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers
Overview FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
CVE-2024-31070
CVE-2024-31070 affects Century Systems’ FutureNet NXR/VXR/WXR series. The vulnerability is an insecure default initialization that allows a remote unauthenticated attacker to access the Telnet service without limits. Affected devices expose Telnet due to default configuration and insecure resourc...
CVE-2024-31070
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...
PT-2024-27018 · Futurenet · Futurenet Nxr Series
Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series affected versions not specified Description: The issue concerns an active debug code vulnerability. If a user with knowledge of the debug function logs in, they may utilize the debug function to...
FutureNet NXR-G240 Series ShellShock Command Injection
-- coding: utf-8 -- Title: FutureNet NXR-G240 Series - "ShellShock" Remote Command Injection Date: 2018-06-12 Author: Nassim Asrir You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: http://www.centurysys.co.jp/ CVE: CVE-2014-6271 Greetz to : Nadia BENCHIKHA...