Lucene search
+L

689 matches found

NVD
NVD
added 2026/02/15 11:15 a.m.10 views

CVE-2025-32063

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

6.8CVSS0.00232EPSS
Exploits0References3
OSV
OSV
added 2026/02/06 2:16 a.m.10 views

CVE-2026-1972

A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...

7.5CVSS5.5AI score0.00598EPSS
Exploits1References4
NVD
NVD
added 2026/02/03 6:16 p.m.9 views

CVE-2020-37116

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

8.8CVSS0.00415EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:52 p.m.5 views

CVE-2020-37116

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

8.8CVSS5.5AI score0.00415EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.8 views

PT-2026-5861

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

8.8CVSS5.5AI score0.00415EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.18 views

PT-2026-5404

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub 40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

6.3CVSS5.5AI score0.00987EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/27 3:23 p.m.12 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.7 views

SSH Key Persistence

This Metasploit module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use...

5.9AI score
Exploits0
CVE
CVE
added 2026/01/26 10:5 a.m.19 views

CVE-2025-59103

CVE-2025-59103 concerns the Access Manager 92xx hardware revision K7. The Red Hat/NVD/CVE entries describe an SSH service exposed on port 22 with two users that have hardcoded and weak passwords, allowing SSH access. A key root-cause is that password randomization on first deployment is condition...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/01/22 4:30 p.m.11 views

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon telnetd that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061 , is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and...

9.8CVSS6.6AI score0.98871EPSS
Exploits62
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.5 views

CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

7.8CVSS7.1AI score0.0039EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.9 views

CVE-2019-18988

TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the...

7CVSS6.6AI score0.04707EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.6 views

CVE-2024-41611

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...

9.8CVSS7.1AI score0.00776EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.6 views

CVE-2023-25131

Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and...

9.8CVSS7AI score0.00968EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:1 a.m.9 views

CVE-2023-43016

IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1 could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: 266154...

7.3CVSS6.5AI score0.00713EPSS
Exploits1References1
CVE
CVE
added 2026/01/08 12:0 a.m.19 views

CVE-2025-68718

KAYSUS KS-WR1200 routers, firmware 107, expose SSH and TELNET on the LAN interface with hardcoded credentials (root:12345678). The administrator cannot disable these services or change the hardcoded password, and changing the management GUI password has no effect on SSH/TELNET authentication. Any...

5.4CVSS6.8AI score0.00295EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/01/08 12:0 a.m.20 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 expose SSH on the LAN with the root account lacking a password, and allow no disable/authentication option via CLI or web GUI. This configuration enables any LAN-adjacent attacker to obtain a root shell and run commands with full privileges. The pu...

8.4CVSS7.6AI score0.00216EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.7 views

CVE-2019-12920

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt...

10CVSS7.3AI score0.0228EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 6:39 p.m.14 views

CVE-2021-47744

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains a hard-coded credentials issue in its Linux distribution, exposing remote root access via the static password 'Chameleon' over Telnet or SSH. Public sources note potential remote root compromise for affected devices; CVSS metrics in the entry indic...

9.3CVSS7AI score0.00282EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/22 3:27 a.m.5 views

EUVD-2025-204688

Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user...

9.8CVSS6.4AI score0.0045EPSS
Exploits0References3
Rows per page
Query Builder