15 matches found
EUVD-2015-5973
Malware in sbrugna...
EUVD-2017-5166
Malware in sbrugna...
CVE-2025-22968
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions...
CVE-2024-53938
An issue was discovered in Victure RX1800 WiFi 6 Router software ENV1.0.0r12110933, hardware 1.0 devices. The TELNET service is enabled by default and exposed over the LAN. The root account is accessible without a password, allowing attackers to achieve full control over the router remotely witho...
CVE-2018-20869
cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin SEC-465...
CVE-2017-18390
cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups SEC-322...
CVE-2023-31427
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled...
CVE-2025-22968
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions...
CVE-2013-1359
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System GMS 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance UMA 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface /appliance/,...
Authentication flaw
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication SEC-424...
CVE-2016-8717
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...
See how I in Switzerland's largest hosting providers in the system found a database disclosure vulnerability-vulnerability warning-the black bar safety net
! In the development of our latest security SaaS process, the product allows any user to test their server security level, we on our own site were detected. Since the site is hosted on Switzerland's largest hosting provider of taking into account the relevant legal issues, this article for the ti...
CVE-2017-11746
Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...
MySQL privelege escalation
By spoofing datadir/my.cnf with SELECT INTO it's possible to launch MySQL with any account, including root...
glFTPd 1.17.2 - Code Execution
source: https://www.securityfocus.com/bid/891/info GlFtpd is a popular alternative to the mainstream unix ftp daemons and is currently in wide use on the internet. There are three known serious vulnerabilities in GlFtpd. The first problem is an account which is created by default upon installatio...