Lucene search
K

111 matches found

CNVD
CNVD
added 2025/08/22 12:0 a.m.4 views

Tenda AC6 Code Execution Vulnerability (CNVD-2025-20158)

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. A code execution vulnerability exists in the Tenda AC6. The vulnerability stems from the presence of insecur...

9.8CVSS8.4AI score0.0054EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 2:15 p.m.20 views

CVE-2025-24322

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...

9.8CVSS0.0054EPSS
Exploits0References2
OSV
OSV
added 2025/08/20 2:15 p.m.4 views

CVE-2025-24322

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...

9.8CVSS6.1AI score0.0054EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/20 1:9 p.m.3 views

CVE-2025-24322

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...

8.1CVSS8AI score0.0054EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 1:9 p.m.9 views

CVE-2025-24322

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability...

8.1CVSS0.0054EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.7 views

PT-2025-34044 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: An unsafe default authentication issue exists in the Initial Setup Authentication functionality. A specially crafted network request can lead to arbitrary code execution. An attacker can access the...

9.8CVSS7.1AI score0.0054EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.5 views

Tenda AC6 安全漏洞

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. A code execution vulnerability exists in the Tenda AC6. The vulnerability stems from the presence of insecur...

9.8CVSS8AI score0.0054EPSS
Exploits0References2
Talos
Talos
added 2025/08/20 12:0 a.m.11 views

Tenda AC6 V5.0 missing initial setup authentication vulnerability

Talos Vulnerability Report TALOS-2025-2163 Tenda AC6 V5.0 missing initial setup authentication vulnerability August 20, 2025 CVE Number CVE-2025-24322 SUMMARY An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A...

9.8CVSS7.4AI score0.0054EPSS
Exploits0
CVE
CVE
added 2025/08/08 3:32 p.m.27 views

CVE-2025-8731

TRENDnet CVE-2025-8731 affects TI-G160i, TI-PG102i and TPL-430AP (up to 20250724) with the SSH Service using default credentials. Several sources confirm remote exploitation is possible and that the exploit has been publicly disclosed. Mitigation in publicly released documents centers on credenti...

10CVSS9.6AI score0.00585EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.4 views

Trend Makers Sight Bulb Pro 加密问题漏洞

Trend Makers Sight Bulb Pro is a camera from Trend Makers, Inc. The Trend Makers Sight Bulb Pro suffers from an encryption issue vulnerability that stems from the plaintext transfer of an AES key during initial setup, which could lead to the decryption of communications and the disclosure of...

7.6CVSS6.3AI score0.00078EPSS
Exploits0References3
OSV
OSV
added 2025/06/09 8:25 p.m.5 views

CVE-2025-49004 Hijacking Caido instance during the initial setup via DNS Rebinding to achieve RCE

Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website load...

7.5CVSS7.8AI score0.00515EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:19 a.m.8 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.5CVSS6.6AI score0.00108EPSS
Exploits0
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.4 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

5.3CVSS6.6AI score0.00261EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.210 views

Telerik Report Server Auth Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telerik Report Server Auth Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in Telerik Report Server...

9.9CVSS7.2AI score0.97482EPSS
Exploits14
Zero Day Initiative
Zero Day Initiative
added 2024/07/11 12:0 a.m.27 views

(Pwn2Own) Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability

This vulnerability allows remote attackers to bypass firewall rules and access the LAN interface on affected installations of Synology RT6600ax routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of firewall rules. The issue results from...

6.6CVSS7.4AI score0.00523EPSS
Exploits0References1
Metasploit
Metasploit
added 2024/06/12 7:54 p.m.155 views

Telerik Report Server Auth Bypass

This module exploits an authentication bypass vulnerability in Telerik Report Server versions 10.0.24.305 and prior which allows an unauthenticated attacker to create a new account with administrative privileges. The vulnerability leverages the initial setup page which is still accessible once th...

9.8CVSS8.1AI score0.97482EPSS
Exploits14
OSV
OSV
added 2024/01/23 8:15 p.m.5 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1
Prion
Prion
added 2024/01/23 8:15 p.m.17 views

Design/Logic Flaw

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

1.7CVSS6.8AI score0.00108EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.5 views

Shelly TRV Security Vulnerability

Shelly TRV is a Wi-Fi connected radiator thermostat from Shelly. A security vulnerability exists in Shelly TRV version 20220811-152343 v.2.1.8, which stems from a plaintext transmission during initial setup that allows a local attacker to obtain the Wi-Fi password...

5.5CVSS6.5AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.6 views

PT-2024-13034 · Allterco · Shelly Trv

Name of the Vulnerable Software and Affected Versions: Shelly TRV version 2.1.8 Description: The issue allows a local attacker to obtain the Wi-Fi password due to cleartext transmission during the initial setup. Recommendations: For Shelly TRV version 2.1.8, update to a version that addresses the...

5.5CVSS5.5AI score0.00108EPSS
Exploits0References5
Rows per page
Query Builder