Lucene search
K

694 matches found

GithubExploit
GithubExploit
added 2026/01/30 2:26 p.m.182 views

Exploit for CVE-2026-7731

CTT-Refraction-Vortex-CVE-2026-7731- Under CTT, we see it as a...

5.9AI score0.00246EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

TP-Link's various products have security vulnerabilities

TP-Link Omada Controllers are products of the Chinese company TP-Link. TP-Link Omada Controllers are a series of centralized management platforms. TP-Link Omada Gateways are a series of gateway devices. TP-Link Omada Access Points are a series of access point devices. Several TP-Link products hav...

6CVSS5.8AI score0.00201EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.22 views

PT-2026-4304

Name of the Vulnerable Software and Affected Versions Omada Controllers, Gateways and Access Points affected versions not specified Description An authentication weakness exists in Omada Controllers, Gateways, and Access Points related to controller-device adoption. This is due to improper handli...

6CVSS5.8AI score0.00201EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.18 views

CVE-2017-18923

beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials...

7.5CVSS7.1AI score0.01203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.10 views

CVE-2020-7548

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways see security notification for version information that could allow unauthorized users to login...

9.8CVSS7AI score0.01427EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 10:15 p.m.11 views

CVE-2026-0625

Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DN...

9.3CVSS0.00964EPSS
Exploits0References4
CVE
CVE
added 2026/01/05 9:14 p.m.45 views

CVE-2026-0625

CVE-2026-0625 affects multiple D-Link DSL gateway devices (e.g., DSL-2740R, DSL-2640B, DSL-2780B, DSL-526B). The dnscfg.cgi endpoint permits an unauthenticated remote command injection due to improper sanitization, enabling arbitrary shell commands execution and DNS configuration modification wit...

9.3CVSS7.1AI score0.00964EPSS
In wildExploits0References4
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.11 views

PT-2026-1338

Name of the Vulnerable Software and Affected Versions D-Link DSL-2640B versions ≤ 1.07 D-Link DSL-2740R versions 1.17 D-Link DSL-2780B versions ≤ 1.01.14 D-Link DSL-526B versions ≤ 2.01 D-Link DSL gateway devices affected versions not specified Description A critical remote code execution RCE...

9.3CVSS6.8AI score0.00964EPSS
Exploits0References72
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.4 views

Training-Free Color-Aware Adversarial Diffusion Sanitization for Diffusion Stegomalware Defense at Security Gateways

The rapid expansion of generative AI has normalized large-scale synthetic media creation, enabling new forms of covert communication. Recent generative steganography methods, particularly those based on diffusion models, can embed high-capacity payloads without fine-tuning or auxiliary decoders,...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/20 12:13 a.m.11 views

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

9.8CVSS7.7AI score0.18047EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/12/05 5:40 a.m.5 views

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It's...

9.8CVSS10AI score0.67645EPSS
Exploits0
EUVD
EUVD
added 2025/12/05 12:31 a.m.4 views

EUVD-2025-201298

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service DoS condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...

8.7CVSS6.5AI score0.00431EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/01 6:30 p.m.4 views

EUVD-2024-30202

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

6.8CVSS6.2AI score0.0015EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.4 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

6.8CVSS6.4AI score0.0015EPSS
Exploits0References2
CVE
CVE
added 2025/12/01 12:0 a.m.10 views

CVE-2024-32384

Kerlink KerOS gateways before version 5.10 expose the web interface only over HTTP, with no HTTPS support. This transport security gap enables a man‑in‑the‑middle attacker to intercept/modify traffic between clients and devices. Affected product: Kerlink gateways running KerOS pre‑5.10. Root caus...

7.4CVSS6.4AI score0.0015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/01 12:0 a.m.10 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

6.8CVSS0.0015EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.15 views

PT-2025-48465

Name of the Vulnerable Software and Affected Versions Kerlink gateways versions prior to 5.10 Description Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, lacking HTTPS support. This absence of transport layer security enables a...

7.4CVSS6.5AI score0.0015EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/24 2:42 p.m.4 views

EUVD-2025-198863

Malicious code in @ensdomains/unruggable-gateways npm...

6.6AI score
Exploits0References1
EUVD
EUVD
added 2025/11/18 6:32 p.m.6 views

EUVD-2025-198030

A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...

6.5CVSS7AI score0.00302EPSS
Exploits0References4
NVD
NVD
added 2025/11/18 5:16 p.m.7 views

CVE-2025-63258

A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...

6.5CVSS0.00302EPSS
Exploits0References1
Rows per page
Query Builder