Lucene search
K

898 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.6 views

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

6.7CVSS7.2AI score0.00376EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:11 a.m.8 views

CVE-2016-10862

Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page...

8.8CVSS7.3AI score0.00636EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:4 a.m.5 views

CVE-2016-2360

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations...

9.8CVSS7.2AI score0.02064EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.8 views

CVE-2022-31211

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default...

10CVSS7.2AI score0.01489EPSS
Exploits2References1
NVD
NVD
added 2026/01/08 9:15 p.m.12 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...

8.4CVSS0.00216EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.6 views

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

6.8AI score0.00295EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/08 12:0 a.m.20 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...

0.00216EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.3 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...

7.6AI score0.00216EPSS
Exploits0References3
CVE
CVE
added 2026/01/08 12:0 a.m.17 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 expose SSH on the LAN with the root account lacking a password, and allow no disable/authentication option via CLI or web GUI. This configuration enables any LAN-adjacent attacker to obtain a root shell and run commands with full privileges. The pu...

8.4CVSS7.6AI score0.00216EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.10 views

PT-2026-1918

Name of the Vulnerable Software and Affected Versions KAYSUS KS-WR3600 version 1.0.5.9.1 Description KAYSUS KS-WR3600 routers with firmware version 1.0.5.9.1 have the SSH service enabled by default on the LAN interface. The root account is configured without a password, and administrators are...

8.4CVSS7.2AI score0.00216EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.6 views

KAYSUS KS-WR3600 安全漏洞

The KAYSUS KS-WR3600 is a wireless router from the Chinese company KAYSUS. A security vulnerability exists in the KAYSUS KS-WR3600, which stems from the SSH service being enabled by default and the root account not having a password, which could lead to arbitrary command execution...

8.4CVSS7.1AI score0.00216EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.5 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

10CVSS7.1AI score0.0197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.7 views

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.8CVSS7.4AI score0.00866EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/10 8:36 a.m.5 views

CVE-2025-41692

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm...

6.8CVSS6.9AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 9:31 p.m.5 views

EUVD-2023-60181

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.3CVSS6.9AI score0.00866EPSS
Exploits1References5
OSV
OSV
added 2025/12/09 9:15 p.m.3 views

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.8CVSS5.9AI score0.00866EPSS
Exploits1References4
NVD
NVD
added 2025/12/09 9:15 p.m.7 views

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.8CVSS0.00866EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/09 8:54 p.m.5 views

CVE-2023-53771 MiniDVBLinux 5.4 Unauthenticated Root Password Change via System Setup

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.3CVSS7AI score0.00866EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/09 8:54 p.m.26 views

CVE-2023-53771 MiniDVBLinux 5.4 Unauthenticated Root Password Change via System Setup

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

9.3CVSS0.00866EPSS
Exploits1References4
CVE
CVE
added 2025/12/09 8:54 p.m.16 views

CVE-2023-53771

CVE-2023-53771 affects MiniDVBLinux 5.4. The vulnerability is an authentication bypass in the system-setup endpoint: remote attackers can craft POST requests with modified SYSTEM_PASSWORD to reset the root password. This is evidenced by multiple sources (Red Hat, EUVD, NVD, CVE lists) describing ...

9.8CVSS7AI score0.00866EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder