CVE-2020-13364

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21AASZ.4C0, V5.21AASZ.0C0, V5.11AASZ.3C0, and V5.11AASZ.0C0; NAS542 V5.11ABAG.0C0, V5.20ABAG.1C0, and V5.21ABAG.3C0; NSA325 v2V4.81AALS.0C0 and V4.81AAAJ.1C0; NSA310 4.22AFK.0C0 and...

CVE-2020-13364

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21AASZ.4C0, V5.21AASZ.0C0, V5.11AASZ.3C0, and V5.11AASZ.0C0; NAS542 V5.11ABAG.0C0, V5.20ABAG.1C0, and V5.21ABAG.3C0; NSA325 v2V4.81AALS.0C0 and V4.81AAAJ.1C0; NSA310 4.22AFK.0C0 and...

CVE-2019-16879

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...

CVE-2019-16879

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...

CVE-2019-16879

The CVE-2019-16879 issue affects the Synergy Systems & Solutions HUSKY RTU 6049-E70 with firmware 5.0 and earlier. It is a Missing Authentication for Critical Function (CWE-306); the device does not require authentication for TELNET access, which could allow an attacker to change configurations o...

CVE-2019-16879

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...

CVE-2020-6765

D-Link DSL-GS225 J1 AU1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. The CLI is reachable by TELNET...

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

Victure PC530 Access Control Error Vulnerability

Victure PC530 is a webcam. An access control error vulnerability exists in the Victure PC530. The vulnerability arises from a network system or product that does not properly restrict access to resources from an unauthorized role. An attacker could exploit the vulnerability to gain unauthenticate...

The vulnerability of Wago industrial-controlled switches is related to the presence of pre-installed authentication data, which allows a intruder to gain access to the device.

The vulnerability of Wago industrial-controlled switches lies in the presence of pre-installed authentication data root account credentials. Exploiting this vulnerability allows a malicious actor to gain access to the device via SSH and TELNET protocols from a remote location...

Information leakage vulnerability in Kunlun Tongstate MCGS touch panel TPC1062Ti system

MCGS is a set of Windows-based configuration software system developed by Beijing Kunlun Automation Software Technology Co., Ltd. which is used to quickly construct and generate the upper computer monitoring system, and it mainly accomplishes on-site data acquisition and monitoring, front-end dat...

CVE-2017-14202

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the shell component of Zephyr allows a serial or telnet connected user to cause a crash, possibly with arbitrary code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all...

CVE-2019-12327

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed...

CVE-2019-12327

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed...

D-Link DCS-1100 and D-Link DCS-1130 Trust Management Vulnerability

The D-Link DCS-1100 and the D-Link DCS-1130 are both network cameras from Taiwan, China-based AUO D-Link. A trust management vulnerability exists in the D-Link DCS-1100 and DCS-1130 that stems from the program using a default password for the Telnet daemon. An attacker could exploit the...

CVE-2018-14528

Invoxia NVX220 devices allow TELNET access as admin with a default password...

Default credentials

Invoxia NVX220 devices allow TELNET access as admin with a default password...

CVE-2018-14528

Invoxia NVX220 devices allow TELNET access as admin with a default password...

UBUNTU-CVE-2018-4059

An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuratio...