94 matches found
PT-2025-43061
Name of the Vulnerable Software and Affected Versions: Ghost Robotics Vision 60 version 0.27.2 Description: The Ghost Robotics Vision 60 APK version 0.27.2 contains exposed encrypted WiFi and SSH credentials. An attacker can connect to the robot’s WiFi network and access all its data, as the system...
CVE-2025-11534 Authentication Bypass Using an Alternate Path or Channel in Raisecom RAX701-GC Series
The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...
EUVD-2025-25789
Malicious code in bioql PyPI...
CVE-2025-10650 Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users
SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 a...
CVE-2025-55075
Hidden functionality issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, SSH may be enabled by a remote authenticated attacker...
CVE-2025-55075
CVE-2025-55075 affects I-O DATA WN-7D36QR and WN-7D36QR/UE. A hidden functionality issue may allow a remote authenticated attacker to enable SSH. Impact is that SSH could be enabled remotely (no user interaction required). The issue is exploitable over the network with privileges required as High...
PT-2025-36260
Name of the Vulnerable Software and Affected Versions: PTZOptics and ValueHD-based pan-tilt-zoom cameras affected versions not specified Description: PTZOptics and ValueHD-based pan-tilt-zoom cameras utilize hard-coded, default administrative credentials. These credentials can be easily...
CVE-2025-50753
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" quotes included to the argument of this command will drop a...
CVE-2025-36120
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...
CVE-2025-36120
CVE-2025-36120 affects IBM Storage Virtualize 8.4–8.7 and can allow an authenticated user to escalate privileges in an SSH session due to incorrect authorization checks when accessing resources. The IBM Security Bulletin details the vulnerability under CWE-863 (Incorrect Authorization) and lists ...
FIRSTNUM JC21A-04 Security Vulnerability
The FIRSTNUM JC21A-04 is a router from the Chinese company FIRSTNUM. A security vulnerability exists in the FIRSTNUM JC21A-04 version 2.01ME/FN and prior versions, which stems from the SSH service being enabled by default and using root/admin credentials...
CVE-2025-29629
Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 use weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits...
Cisco Integrated Management Controller Security Vulnerability
Cisco Integrated Management Controller (IMC) is a suite of software from Cisco USA for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down, and rebooting servers. A security vulnerability exists in...
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement devices for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to t...
Siemens SENTRON 7KT PAC1260 Data Manager Access Control Error Vulnerability
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An Access Control Error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated SSH service enabled endpoint, and can be...
PT-2025-7536 · Cisco · Cisco Desk Phone 9800 Series +1
Name of the Vulnerable Software and Affected Versions: Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series affected versions not specified Description: A vulnerability in the debug shell of the affected devices could allow an authenticated, local attacker to access sensitive information on th...
CVE-2024-26155
All versions of ETIC Telecom Remote Access Server RAS prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server, which could enable ...
Gogs Security Vulnerability
Gogs (Go Git Service) is a self-service Git hosting service based on the Go language by the Gogs team, which supports creating and migrating public/private repositories, adding and deleting repository collaborators, and so on. A security vulnerability exists in Gogs versions prior to 0.13.1, which...
MOBATIME Network Master Clock Security Vulnerability
MOBATIME Network Master Clock is a clock program from MOBATIME, Inc. It is used to build and run large-scale clock systems. A security vulnerability exists in MOBATIME Network Master Clock DTS 4801. An attacker exploiting this vulnerability could gain initial access via SSH using default...