Tenda HG7 缓冲区错误漏洞

The Tenda HG7 is a dual-band Wi-Fi optical network terminal device from the Chinese company Tenda. The Tenda HG7 300001138enxpon version has a buffer error vulnerability. This vulnerability stems from incorrect handling of the parameter “blkDomain” in the function formDOMAINBLK, which may lead to...

CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

EUVD-2026-34251

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

EUVD-2026-34250

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

GX Group Earth 2022 ONT 安全漏洞

GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in GX Group Earth 2022 ONT. This vulnerability stems from the web management interface transmitting user credentials via HTTP plaintext...

CVE-2025-70545

A stored cross-site scripting XSS vulnerability exists in the web management interface of the PPC Belden ONT 2K05X router running firmware v1.1.9206L. The Common Gateway Interface CGI component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary...

EUVD-2025-206613

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitra...

EUVD-2025-27466

Malicious code in bioql PyPI...

EUVD-2025-27470

Malicious code in bioql PyPI...

CVE-2025-54084

OS Command 'OS Command Injection' vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCente...

CVE-2025-54084

CVE-2025-54084 refers to an OS Command Injection in Calix GigaCenter ONT (Quantenna SoC modules). The vulnerability arises from improper input validation in the OS command pathway, allowing authenticated attackers with super credentials to execute arbitrary OS commands, potentially leading to ful...

CVE-2025-7635 Calix GigaCenter ONT - Unauthenticated Telnet

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...

CVE-2025-53914

CVE-2025-53914 affects Calix GigaCenter ONT devices with Broadcom SoCs (models 844E, 844G, 844GE, 854GE, 812G, 813G, 818G). The issue is an excessive privileges vulnerability allowing privilege abuse due to a privilege escalation/root cause described as privilege abuse. CVSS-based notes in source...

Calix GigaCenter ONT Series 安全漏洞

Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series that originates from a common user being able to abuse elevated privileges. The following products and versions are affected: GigaCenter ONT 844E...

Calix GigaCenter ONT Series 安全漏洞

Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series that originates from a common user being able to abuse elevated privileges. The following products and versions are affected: GigaCenter ONT 844E...

PT-2025-36956

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An unauthenticated Telnet access issue exists in Calix GigaCenter ONT, allowing root...

DASAN H660WM 安全漏洞

DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825 version, which originates from improper access control of the component /cgi-bin/systemdiagnosticmain.asp, which could result in access to sensitive information...

CVE-2025-22938

Adtran 411 ONT L80.00.0011.M2 was discovered to contain weak default passwords...

CVE-2025-22941

A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands...

CVE-2025-22940

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to arbitrarily set the admin password...