CVE-2025-9577

TOTOLINK X2000R (firmware up to 2.0.0) contains a vulnerability in the Administrative Interface where an unknown function in /etc/shadow.sample can lead to default credential usage. Local access is required; exploitation is described as difficult, but the exploit has been released publicly and ma...

CVE-2025-9576

A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is neede...

CVE-2025-9576

CVE-2025-9576 concerns Seeedstudio ReSpeaker LinkIt7688, where an Administrative Interface function handling the file "/etc/shadow" can be manipulated to enable default-credential use. Exploitation requires local access and is described as high-complexity with low exploitability in the public mat...

CVE-2025-9576 seeedstudio ReSpeaker Administrative shadow default credentials

A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is neede...

CVE-2025-9576 seeedstudio ReSpeaker Administrative shadow default credentials

A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is neede...

PT-2025-35125

Name of the Vulnerable Software and Affected Versions seeedstudio ReSpeaker LinkIt7688 affected versions not specified Description A vulnerability exists in seeedstudio ReSpeaker LinkIt7688, impacting an unknown function within the Administrative Interface component’s /etc/shadow file. This...

PT-2025-35143

Name of the Vulnerable Software and Affected Versions Cudy WR1200EA version 2.3.7-20250113-121810 Description A vulnerability exists in Cudy WR1200EA that allows for the use of a default password. The issue affects an unknown function within the /etc/shadow file. Exploitation requires local acces...

TOTOLINK X2000R 安全漏洞

TOTOLINK X2000R is a WiFi 6 router from China's Gion Electronics TOTOLINK, which supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion. The TOTOLINK X2000R suffers from a Use Default Credentials vulnerability, which originates from an unknown functi...

Cudy WR1200EA 安全漏洞

The Cudy WR1200EA is a WiFi router from the Chinese company Cudy. A security vulnerability exists in the Cudy WR1200EA version 2.3.7-20250113-121810, which originates from the /etc/shadow file that can be locally tampered with, resulting in the restoration of the default password...

PT-2025-35127

Name of the Vulnerable Software and Affected Versions TOTOLINK X2000R versions through 2.0.0 Description A security flaw has been discovered that allows for the use of default credentials. The affected element is an unknown function within the /etc/shadow.sample file of the Administrative Interfa...

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability

This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password...

CVE-2025-9309

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

CVE-2025-9309

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

CVE-2025-9309

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

CVE-2025-9309

CVE-2025-9309 affects Tenda AC10 16.03.10.13. The vulnerability lies in the MD5 Hash Handler component, specifically an unknown function within the "/etc_ro/shadow" file, where manipulation leads to hard-coded credentials. Exploitation requires local access and is described as high complexity, wi...

CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

PT-2025-34251 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version 16.03.10.13 Description: A vulnerability exists in the MD5 Hash Handler component of Tenda AC10. The issue affects an unknown function within the /etc ro/shadow file. Manipulation of this function results in the exposure of...

Tenda AC20 Hardcoded Credentials Vulnerability

Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a hard-coded credentials vulnerability that originates from the presence of hard-coded credentials in the file /etcro/shadow. An attacker can exploit the vulnerability to cause confidentiality to be compromised...

Linux Distros Unpatched Vulnerability : CVE-2019-19191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account...