FNKvision FNK-GU2 安全漏洞

FNKvision FNK-GU2 is a camera from FNKvision Thailand. A security vulnerability exists in the FNKvision FNK-GU2 version 40.1.7 and earlier, which stems from improper access control of the UART interface and could lead to the on-chip debug and test interface being exploited...

SIMulator: SIM Tracing on a (Pico-)Budget

SIM tracing -- the ability to inspect, modify, and relay communication between a SIM card and modem -- has become a significant technique in cellular network research. It enables essential security- and development-related applications such as fuzzing communication interfaces, extracting session...

CVE-2024-33374

Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal without authentication...

CVE-2024-54127

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

CVE-2020-8157

UniFi Cloud Key firmware = v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface UART...

goTenna V1 安全漏洞

goTenna V1 is a portable offline communication device from goTenna that enables long-range peer-to-peer communication between smartphones via mesh network technology. A security vulnerability exists in goTenna V1, which originates from sending data via UART and could lead to sensitive data leakag...

Macro-Video V380 安全漏洞

Macro-Video V380 is an IP camera from Macro-Video. A security vulnerability exists in Macro-Video V380 version 1020302, which originates in the UART component could lead to the execution of arbitrary code...

DEBIAN-CVE-2025-22067

In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdnsmrvlxspisetupclock If requestedclk 128, cdnsmrvlxspisetupclock iterates over the entire cdnsmrvlxspiclkdivlist array without breaking out early, causing 'i' to go beyond the arr...

tty: xilinx_uartps: split sysrq handling

...

usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer

...

PT-2025-8779 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for the issue described Description: A specific error path in probe functions in wilc drivers can lead to a kernel panic. This issue is due to a recent change decoupling wiphy...

IXON IXrouter IX2400 安全漏洞

The IXON IXrouter IX2400 is an industrial router from the Dutch company IXON. A security vulnerability exists in the IXON IXrouter IX2400 version v3.0, which stems from the inclusion of hard-coded root credentials that allow a physically proximate attacker to gain root access via UART or SSH...

CVE-2025-26409

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in...

CVE-2025-26409

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed...

CVE-2025-26409 Access to Bootloader and Shell Over Serial Interface

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed...

CVE-2025-26409 Access to Bootloader and Shell Over Serial Interface

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed...

PT-2025-6173 · Wattsense · Wattsense Bridge

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge devices versions prior to BSP 6.4.1 Description: A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well...

PT-2025-6174 · Wattsense · Wattsense Bridge

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge versions prior to 6.4.1 Description: The firmware of all Wattsense Bridge devices contains the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered...

CVE-2024-54127 Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

TP-Link Archer C50 安全漏洞

The TP-LINK Archer C50 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link Archer C50 prior to version V4 240917, which stems from terminal access on the serial interface that is not properly privileged, allowing an attacker to obtain Wi-Fi credentials on t...