Unspecified vulnerability in Enphase Energy Envoy (CNVD-2021-45766)

The Enphase Energy Envoy is a gateway device for connecting smart home devices from Enphase Energy USA. A security vulnerability exists in the Enphase Energy Envoy. The vulnerability stems from the default admin password being set to the last 6 digits of the serial number. The serial number can b...

D-Link DIR-2640-US Account Password Plaintext Storage Vulnerability

The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to easily log in to the target router via a serial port and gain root privileges...

CVE-2021-34204

D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600DIR-2640 stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users...

CVE-2020-25754

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user authentication that circumvents traditional user authentication. This module uses a password derived from the MD5 hash of the username and serial number. The serial number can be retrieved by an...

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

Default credentials

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

Authentication flaw

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user authentication that circumvents traditional user authentication. This module uses a password derived from the MD5 hash of the username and serial number. The serial number can be retrieved by an...

CVE-2020-25754

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user authentication that circumvents traditional user authentication. This module uses a password derived from the MD5 hash of the username and serial number. The serial number can be retrieved by an...

CVE-2020-25753

An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml...

D-Link DIR-2640-US 安全漏洞

The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to easily log in to the target router via a serial port and gain root privileges...

Enphase Envoy 安全漏洞

The Enphase Energy Envoy is a gateway device for connecting smart home devices from Enphase Energy USA. A security vulnerability exists in the Enphase Energy Envoy. The vulnerability stems from the default admin password being set to the last 6 digits of the serial number. The serial number can b...

Enphase Envoy 信任管理问题漏洞

The Enphase Energy Envoy is a gateway device for connecting smart home devices from Enphase Energy USA. The Enphase Energy Envoy has a trust management issue vulnerability that stems from the installer and Enphase accounts having hard-coded web panel login passwords, which are hard-coded values...

DEBIAN-CVE-2020-27661

A divide-by-zero issue was found in dwc2handlepacket in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service...

kernel: malicious USB devices can lead to multiple out-of-bounds write

An out-of-bounds write flaw was found in the Linux kernel’s HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address...

PT-2024-11329

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak has been resolved in the Linux kernel. The issue occurred in the probe function when the final serial config fails, causing the info variable to leak. A resource handling...

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in the lack of protection for transmitted data. This allows attackers to gain unauthorized access to protected information through Telnet connections.

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in the lack of protection for transmitted data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information through Telnet connections...

PT-2021-9138 · Zephyr · Zephyr

Name of the Vulnerable Software and Affected Versions: Zephyr versions = v1.14.2, = v2.2.0 Description: The issue concerns Missing Size Checks in Bluetooth HCI over SPI, which involves Improper Handling of Length Parameter Inconsistency. Recommendations: For Zephyr versions = v1.14.2, = v2.2.0, a...

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in their lack of access control mechanisms, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in the lack of protection for transmitted data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions and gain increased privileges.

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions and gain increased privileges...