CVE-2020-37070

CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code executio...

CVE-2020-37070

CVE-2020-37070 affects CloudMe 1.11.2. A buffer overflow in the CloudMe service (port 8888) can be triggered by crafted network packets, enabling remote code execution. Documents confirm the vulnerability and impact (remote code execution with high confidentiality, integrity, and availability eff...

CVE-2020-37070

CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code executio...

CVE-2020-37070 CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)

CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code executio...

CVE-2020-37070 CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)

CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code executio...

PT-2026-5821

CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code executio...

CVE-2019-18315

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 8888/tcp. Please note that an attacker needs to have netwo...

CVE-2025-61234

Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port...

CVE-2025-61234

Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port...

CVE-2025-61234

Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port...

Dataphone A920 安全漏洞

Dataphone A920 is a POS from Dataphone USA. A security vulnerability exists in Dataphone A920 version v2025.07.161103, which originates from exposing services on port 8888 on the local network by default and without authentication, which could lead to unauthorized device interaction and informati...

PT-2025-44328

Name of the Vulnerable Software and Affected Versions Dataphone A920 version 2025.07.161103 Description A flaw in access control on Dataphone A920 version 2025.07.161103 allows unauthorized interaction with the device. A service running on port 8888 is exposed on the local network without requiri...

CVE-2025-61234

CVE-2025-61234 affects Dataphone A920 (v2025.07.161103). A misconfigured access control exposes a service on port 8888 on the local network without authentication, allowing TCP socket interaction. An HTTP request to port 8888 can trigger an error response that reveals Paytef dataphone packet head...

EUVD-2019-17209

Malware in sbrugna...

EUVD-2019-17210

Malware in sbrugna...

EUVD-2019-17208

Malware in sbrugna...

📄 AndroMouse Server 8.0 Unauthenticated Screenshot Exposure

AndroMouse Server version 8.0 listens on TCP/UDP port 8888 and allows unauthenticated retrieval of desktop screenshots. Attackers can abuse this feature by repeatedly requesting screenshots to create a covert live monitoring stream, compromising user privacy without any notification or consent...

📄 AndroMouse Server 8.0 Unauthenticated Directory Enumeration

AndroMouse Server version 8.0 exposes an unauthenticated TCP command interface on port 8888. A remote attacker can send crafted commands to enumerate the contents of arbitrary directories on the host file system, without user interaction or authentication. Exploit Title: AndroMouse Server 8.0 –...

CVE-2022-43976

An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication...

Spring Cloud Config Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Directory Traversal in Spring Cloud Config Server', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability...