CVE-2026-25803

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

EUVD-2016-7389

Malware in sbrugna...

ABB M2M Gateway

SUMMARY ABB is aware of public reports of a vulnerabilities in product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could cause the product to stop, make the product inacces-sible, take remote control of the product or insert and run...

CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

SonicWALL SonicOS Security Vulnerabilities

SonicWALL SonicOS is a suite of operating systems from SonicWALL, Inc. designed for use with SonicWall firewall appliances. A security vulnerability exists in SonicWALL SonicOS that stems from improper management of SonicOS authentication privileges in SSL VPN tunnels, which allows a user to...

Microsoft Patch Tuesday for October 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Vanja Svajcer. Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company’s hardware and software line, including seven critical issues in Windows’ point-to-point tunneling protocol. October's security update features 11 critical...

CVE-2021-41032

An improper access control vulnerability CWE-284 in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...

多款Cisco产品安全漏洞

Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software are both products of Cisco, Inc. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides highly secure access to data and network resources, among other...

3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 products containing a CODESYS communication server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

Cisco ASR 5000 Series Router Denial of Service Vulnerability

The Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software are both products of Cisco, Inc. The Cisco Aggregation Services Router ASR 5000 Series Routers are a 5000 series of secure router appliances.The Virtualized Packet Core VPC System Softwar...

3S-Smart Software Solutions GmbH CODESYS Web Server

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Web Server Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS All Microsoft Windows also WinCE based CODESYS web servers running stand-alone Version 2.3, o...

Cisco StarOS IPsec Denial of Service Vulnerability

The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to long-term evolution. and StarOS is the suite of Linux operating systems used in them. Cisco StarOS for Cisco ASR 5000 Series Routers has a security vulnerability in the IPsec component...

Wikileaks Unveils 'Cherry Blossom' — Wireless Hacking System Used by CIA

WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a framework – which is being used by the CIA for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices. Dubbed "Cherry Blossom," the framework was allegedly...

OnionCat - An Anonymous VPN-Adapter (P2P layer 3 VPN based on Tor or I2P)

OnionCat is a VPN-adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP addresse...

Symantec Dynamic VPN Services: ISAKMP Denial of Service

SUMMARY The NISCC National Infrastructure Security Co-ordination Centre a UK-sponsored inter-departmental agency has identified nearly five-thousand potential ISAKMP vulnerabilities. Test for these vulnerabilities were created by the NISCC and distributed to an unspecified number of vendors...