20 matches found
CVE-2025-62777
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
CVE-2025-62777
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
CVE-2025-62777
The CVE-2025-62777 entry concerns Planex MZK-DP300N, affected when using firmware versions 1.07 and earlier. The underlying issue is hard-coded credentials, which could allow an attacker on the local network to log in via Telnet and execute arbitrary commands. Mitigation is to update the device f...
CVE-2025-62777
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
EUVD-2025-36436
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
CVE-2025-62777
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
PT-2025-44085
Name of the Vulnerable Software and Affected Versions MZK-DP300N versions 1.07 and earlier Description A security issue exists due to the use of hard-coded credentials. This may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands...
EUVD-2025-2568
Malicious code in bioql PyPI...
CVE-2025-21603
Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
PLANEX COMMUNICATIONS MZK-DP300N vulnerable to cross-site scripting
Overview MZK-DP300N, wireless LAN router provided by PLANEX COMMUNICATIONS INC., contains a cross-site scripting vulnerability CWE-79. Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
CVE-2025-21603
Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL...
CVE-2025-21603
CVE-2025-21603 affects PLANEX MZK-DP300N routers (firmware v1.05 and earlier). The issue is a cross-site scripting flaw (CWE-79) in the web interface, allowing an attacker who has logged in to manipulate device settings to trigger arbitrary script execution in the logged-in user’s browser via a c...
CVE-2025-21603
Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL...
CVE-2025-21603
Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL...
Planex MZK-DP300N 跨站脚本漏洞
The Planex MZK-DP300N is a hotel router travel router from Planex Japan. A cross-site scripting vulnerability exists in Planex MZK-DP300N version 1.05 and earlier. An attacker can exploit this vulnerability to execute arbitrary script on a web browser...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...