CVE-2018-25144 Microhard Systems IPn4G 1.1.0 Arbitrary File Access via Undocumented System Editor

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform...

CVE-2018-25144 Microhard Systems IPn4G 1.1.0 Arbitrary File Access via Undocumented System Editor

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform...

CVE-2018-25144

The CVE-2018-25144 issue affects Microhard Systems IPn4G 1.1.0. A vulnerability in the hidden system-editor.sh script allows authenticated attackers to read, modify, or delete arbitrary files by abusing unsanitized parameters (path, savefile, edit, delfile) via GET/POST requests. Exploitation det...

CVE-2018-25145

The CVE concerns Microhard Systems IPn4G 1.1.0, where an authenticated user can download sensitive configuration files via a configuration-disclosure vulnerability. Affected component is the device’s configuration storage accessible from multiple directories including '/www', '/etc/m_cli/', and '...

CVE-2018-25143 Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

CVE-2018-25143 Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

CVE-2018-25143

CVE-2018-25143 affects Microhard Systems IPn4G 1.1.0. A service vulnerability enables authenticated users to turn on a restricted SSH shell via the default user 'msshc'. An attacker can abuse a custom 'ping' command within the NcFTP environment to escape the restricted shell and execute commands ...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0 that originates from a restricted shell that can be escaped via a customized ping command, which could result in the execution of commands with ro...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0, which stems from an uncleared parameter in the system-editor.sh script that could allow arbitrary files to be read, modified, or deleted...

PT-2025-53369

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0, which stems from multiple authenticated remote code execution vulnerabilities in the management interface that could lead to the creation of...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0, which originates from the presence of a hidden function that can manipulate system processes, potentially resulting in a service interruption...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0, which stems from the presence of hard-coded default credentials that could result in gaining root-level unauthorized access...

PT-2025-53367

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0 that stems from susceptibility to cross-site request forgery attacks and could lead to the execution of administrative actions...

PT-2025-53363

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

PT-2025-53366

Name of the Vulnerable Software and Affected Versions Microhard Systems IPn4G version 1.1.0 Description An issue exists in Microhard Systems IPn4G that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes...

PT-2025-53365

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/m cli/', and '/tmp' to access...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0 that originates from a downloadable sensitive system configuration file that could lead to the disclosure of configuration information...

EUVD-2025-17402

Malicious code in bioql PyPI...