Lucene search
K

897 matches found

GithubExploit
GithubExploit
added 2026/04/23 11:22 p.m.89 views

Exploit for OS Command Injection in Zyxel Vmg8623-T50B_Firmware

CVE-2026-1459-POC POC for the CVE-2026-1459 which payload c...

7.2CVSS5.8AI score0.00902EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/09 7:22 p.m.3 views

CVE-2025-57175

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.4CVSS5.9AI score0.00127EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 6:34 p.m.5 views

EUVD-2025-209317

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.4CVSS5.9AI score0.00127EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 5:20 p.m.2 views

CVE-2025-57175

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.8CVSS0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 12:0 a.m.22 views

CVE-2025-57175

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.4CVSS0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 12:0 a.m.14 views

CVE-2025-57175

CVE-2025-57175 affects Siklu EtherHaul 8010 devices (image siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b). The root cause is a static root password present in the affected firmware image. Impact is stated as high confidentiality/integrity/availability (per CVSS) with physical attack vector and hig...

6.8CVSS5.9AI score0.00127EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.6 views

Siklu EtherHaul 安全漏洞

Siklu EtherHaul is a series of millimeter-wave wireless transmission devices developed by Siklu Corporation. The Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b version contains a security vulnerability, which stems from the presence of a static root password...

6.4CVSS5.8AI score0.00127EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 12:0 a.m.3 views

CVE-2025-57175

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.4CVSS5.9AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 7:0 p.m.15 views

CVE-2026-26213

The CVE-2026-26213 issue affects thingino-firmware up to firmware-2026-03-16, where an unauthenticated OS command injection exists in the WiFi captive portal CGI script. An attacker can inject malicious code through unsanitized HTTP parameter names, exploiting eval in parse_query() and parse_post...

9.8CVSS6.8AI score0.06239EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/13 7:54 p.m.3 views

CVE-2026-22209

thingino-firmware up to commit e3f6a41 published on 2026-03-15 contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

8.8CVSS6.7AI score
Exploits0References2
EUVD
EUVD
added 2026/03/10 9:32 p.m.19 views

EUVD-2025-208538

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

5.8AI score0.00179EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24432

Name of the Vulnerable Software and Affected Versions Tenda G1V3.1si version V16.01.7.8 Description The firmware contains a hardcoded password, located in the '/etc ro/shadow' file, that allows attackers to gain root access. The vulnerable file is '/etc ro/shadow'. Recommendations Update to a new...

8.4CVSS5.8AI score0.00179EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.7 views

PT-2026-24431

Name of the Vulnerable Software and Affected Versions Tenda i24V3.0si version 3.0.0.5 Description The firmware contains a hardcoded password, allowing attackers to log in as root. The hardcoded password is located in the '/etc ro/shadow' file. Recommendations Update to a newer version that...

8.4CVSS5.8AI score0.00179EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/05 1:39 p.m.5 views

CVE-2026-29120

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/04 9:31 a.m.18 views

EUVD-2026-9375

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/04 8:10 a.m.4 views

CVE-2026-29120 Insecure, Hardcoded Root Password Stored in Anaconda Configuration File On IDC SFX2100 Satellite Receiver

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 8:10 a.m.6 views

CVE-2026-29120

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References2
CVE
CVE
added 2026/03/04 8:10 a.m.26 views

CVE-2026-29120

Technical details beyond what’s in the Initial Description are not publicly provided in the connected documents. Monitor for updates to the CVE-2026-29120 entry as new disclosures may clarify affected components, impact, or remediation.

9.2CVSS5.9AI score0.00142EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.10 views

PT-2026-22883

Name of the Vulnerable Software and Affected Versions IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver affected versions not specified Description The /root/anaconda-ks.cfg installation configuration file insecurely stores a hardcoded root password hash. This password is highly susceptible to...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.6 views

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

6.7CVSS7.2AI score0.00376EPSS
Exploits1References1
Rows per page
Query Builder