185 matches found
IROAD FX2 安全漏洞
IROAD FX2 is a car recorder from IROAD. A security vulnerability exists in IROAD FX2 20250308 and prior versions that stems from the use of a default password that requires an attack to be initiated on the local network...
IROAD X5 安全漏洞
IROAD X5 is a car recorder from IROAD. A security vulnerability exists in IROAD X5 that stems from hard-coded credentials that require an attack to be launched on the local network...
CVE-2025-2122
The CVE-2025-2122 entry concerns Thinkware Car Dashcam F800 Pro (up to 20250226). Affected component: Connection Handler. Vulnerability type: denial of service caused by manipulation of the Connection Handler, with attack possible only on the local network. Exploitation is described as high compl...
CVE-2025-2121
CVE-2025-2121 affects Thinkware Car Dashcam F800 Pro up to 20250226. The vulnerability resides in the File Storage component, with an unknown function enabling improper access controls exploitable from the local network. The exploit has been publicly disclosed and the vendor has not responded. A ...
PT-2025-10450 · Thinkware · Thinkware Car Dashcam F800 Pro
Name of the Vulnerable Software and Affected Versions: Thinkware Car Dashcam F800 Pro up to 20250226 Description: A vulnerability was found in the Connection Handler component of the Thinkware Car Dashcam F800 Pro, which can be exploited to cause a denial of service. The attack can only be...
Linux Distros Unpatched Vulnerability : CVE-2024-3661
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DHCP can add routes to a client's routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic...
CVE-2025-1882
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...
CVE-2025-1882 i-Drive i11/i12 Device Setting improper access control for register interface
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...
CVE-2025-1882 i-Drive i11/i12 Device Setting improper access control for register interface
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...
i-Drive i11和i-Drive i12 安全漏洞
The i-Drive i11 and i-Drive i12 are both a car recorder from i-Drive, Inc. A security vulnerability exists in i-Drive i11 and i-Drive i12 20250227 and prior versions, which stems from the use of a default password and could lead to a local network attack...
i-Drive i11和i-Drive i12 安全漏洞
The i-Drive i11 and i-Drive i12 are both a car recorder from i-Drive, Inc. A security vulnerability exists in i-Drive i11 and i-Drive i12 20250227 and prior versions, which stems from improper access control of the registration interface and could lead to a local network attack...
CVE-2025-1207
A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...
CVE-2025-1207 phjounin TFTPD64 DNS denial of service
A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather...
Airtel Xstream 安全漏洞
Airtel Xstream is a streaming controller from Airtel India. A security vulnerability exists in Airtel Xstream 20250123 and earlier versions, which stems from the use of weak credentials by the WiFi Password Handler component, resulting in an attack that can be carried out on the local network...
CVE-2024-10194
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...
CVE-2024-31903
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data...
CVE-2025-24126
An input validation issue was addressed. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to corrupt process memory...
Improper Certificate Validation
Keycloak is vulnerable to Improper Certificate Validation. The vulnerability is due to improper handling of reverse proxy configurations with mTLS enabled, allowing an attacker on the local network to impersonate any user or client using mTLS for authentication...
CVE-2024-12343
TP-Link VN020 F3v(T) TT_V6.2.1021 is affected, specifically the SOAP Request Handler’s /control/WANIPConnection component where manipulating the NewConnectionType argument triggers a buffer overflow. This vulnerability requires local-network access and has public exploitation information, with po...
CVE-2024-6895 Insecure Account Profile Management
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...