6173 matches found
CVE-2026-36738
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...
CVE-2020-37220
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2026-43488
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
UBUNTU-CVE-2026-43488
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
CVE-2026-43488
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
CVE-2020-37220
Huawei HG630 V2 router is affected by an authentication-bypass vulnerability where an unauthenticated attacker can obtain administrative access by querying /api/system/deviceinfo to retrieve the SerialNumber and using its last 8 characters as the login password. The connected CVE entry provides t...
CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
CVE-2020-37220
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...
SUSE CVE-2026-43180
In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kawethsetrxmode kawethsetrxmode, the ndosetrxmode callback, calls netifstopqueue and netifwakequeue. These are TX queue flow control functions unrelated to RX multicast...
SUSE CVE-2026-43429
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usbbulkmsgkillable with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usbbulkmsg calls. Since the user can specify...
SUSE CVE-2026-43458
In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...
CVE-2026-36738
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...
CVE-2026-36738
CVE-2026-36738 affects the U-SPEED AC1200 Gigabit Wi‑Fi Router (Model: T18-21K, V1.0). The UART interface is exposed with no authentication/authorization, allowing a physically present attacker to access device functionality unrestrictedly. Documents do not specify affected firmware versions, exp...
U-SPEED AC1200 安全漏洞
The U-SPEED AC1200 is a Gigabit dual-band Wi-Fi router produced by the U-SPEED company. The U-SPEED AC1200 Gigabit Wi-Fi Router T18-21K V1.0 version has a security vulnerability. This vulnerability stems from improper access control; the UART interface exposed by the device lacks an authenticatio...
PT-2026-40707
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected hidden/debug mode...
Huawei HG630 信任管理问题漏洞
The Huawei HG630 is a home broadband wireless router gateway device produced by the Chinese company Huawei. The Huawei HG630 V2 has a trust management vulnerability; this issue stems from an authentication bypass mechanism, which allows unauthorized attackers to obtain administrative access by...
Hiseeu C90 安全漏洞
Hiseeu C90 is a 4MP solar-powered wireless security camera produced by Hiseeu Corporation in China. The Hiseeu C90 version 5.7.15 contains a security vulnerability. This vulnerability stems from improper permission settings, allowing the UART bootloader to be accessed when the battery is...
PT-2026-40705
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...
PT-2026-40621
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...