EUVD-2025-33576

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...

CVE-2025-35051 Newforma Project Center Server (NPCS) .NET unauthenticated deserialization

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...

PT-2025-41467

Name of the Vulnerable Software and Affected Versions Newforma Project Center Server NPCS affected versions not specified Description Newforma Project Center Server NPCS allows a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITYNetworkService' privileges. This is...

TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1503 TCL LinkHub Mesh Wifi confctlgetguestwlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27633 SUMMARY An information disclosure vulnerability exists in the confctlgetguestwlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014...

IDenticard PremiSys (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/vulnerability details have been publicly disclosed Vendor: IDenticard Equipment: PremiSys Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength 2...

CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

Hardcoded credentials

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

CVE-2019-3906

CVE-2019-3906 affects IDenticard PremiSys (Identicard) Identicard 3.1.190. The root cause is use of hard-coded credentials in the PremiSys WCF service (port 9003), enabling an authenticated remote attacker to access/modify the badge system database with admin privileges. Mitigation per ICS-CERT U...

PT-2019-16761 · Premisys · Premisys Identicard

Name of the Vulnerable Software and Affected Versions: Premisys Identicard version 3.1.190 Description: The issue concerns hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can exploit these credentials to access and modify the badge system database...