15 matches found
Command Injection in Vivotek Legacy Firmware: What You Need to Know
...
EUVD-2025-199700
Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...
CVE-2025-12592
Legacy Vivotek Device firmware uses default credetials for the root and user login accounts...
Firmwhere? Rediscovering a Vulnerability in Vivotek Legacy Firmware
...
EUVD-2025-198160
Legacy Vivotek Device firmware uses default credetials for the root and user login accounts...
CVE-2025-12592
Legacy Vivotek Device firmware uses default credetials for the root and user login accounts...
Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a firmware version mismatch. ...
Exploit for Injection in Dlink Dns-320_Firmware
cve-2024-10914 Exploit for cve-2024...
CVE-2023-39300
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.3.6.2805 build 20240619 and later QTS...
CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...
CVE-2021-26408
Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality...
CVE-2019-20714
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22,...
CVE-2018-7922
Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150C432 have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to...
CVE-2015-7924
eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...
eWON Plaintext Password Information Disclosure Vulnerability
eWON is an industrial router product from eWON Belgium. A security vulnerability exists in eWON using firmware versions prior to 10.1s0, which stems from a program that uses plaintext to transmit passwords. An attacker could exploit the vulnerability to obtain passwords and unauthorized access in...