wendor_labs_exploitation

Wendor Vending Machine Exploitation & Security Research Lab T...

Netmaker does not verify JWT signatures for host tokens

Netmaker by Gravitl is an open-source WireGuard-based networking platform for creating and managing virtual overlay networks. The VerifyHostToken function in logic/jwts.go does not validate the JWT signature when verifying host tokens. After calling jwt.ParseWithClaims, the function only checks...

EUVD-2021-27049

Malware in sbrugna...

EUVD-2022-48295

Malicious code in bioql PyPI...

EUVD-2024-16186

Malicious code in bioql PyPI...

EUVD-2023-26734

Malicious code in bioql PyPI...

EUVD-2023-26736

Malicious code in bioql PyPI...

EUVD-2024-41639

Malicious code in bioql PyPI...

EUVD-2025-5284

Malicious code in bioql PyPI...

CVE-2025-54465 Hard-coded Credentials Vulnerability in ZKTeco WL20

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the hard-coded MQTT...

CVE-2023-22597

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An...

CVE-2023-22599

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in response to HTTP/HTTPS requests from the cloud platform. These...

CVE-2022-45423

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface the credentials cannot be directly exploited...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...

CVE-2024-50688

SunGrow iSolarCloud Android app (v2.1.6.20241017 and earlier) uses hardcoded MQTT credentials for device telemetry, with the same credentials in the app and cloud. The vulnerability is described as enabling attackers to gain unauthorized access to user accounts and potentially execute arbitrary c...

SunGrow WiNet-S Trust Management Issues Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A trust management issue vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which stems from the use of hard-coded MQTT credentials. An attacker could use this vulnerability to send arbitrary...

CVE-2024-45722

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials...