CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

CVE-2026-4377

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.5AI score0.0002EPSS

Exploits0References1

EUVD•added 2026/05/28 12:30 p.m.•9 views

EUVD-2026-32860

6CVSS5.8AI score0.0002EPSS

Exploits0References3

Cvelist•added 2026/05/28 9:2 a.m.•24 views

CVE-2026-4377 Use of Weak Credentials in D-Link DWR-X1820 router

6CVSS0.0002EPSS

Exploits0References2

CVE•added 2026/05/28 9:2 a.m.•11 views

CVE-2026-4377

The CVE refers to the D-Link DWR-X1820 router, where a weak default password is generated from the IMEI and does not require change by the user. This vulnerability can allow an attacker who knows the password-generation method to crack the default password given the device IMEI. A fix is availabl...

6CVSS5.8AI score0.0002EPSS

Exploits0References2

Vulnrichment•added 2026/05/28 9:2 a.m.•5 views

CVE-2026-4377 Use of Weak Credentials in D-Link DWR-X1820 router

6CVSS5.8AI score0.0002EPSS

Exploits0References2

Vulnrichment•added 2026/01/26 10:5 a.m.•2 views

CVE-2025-59102 Secrets Stored in Plaintext in Database in dormakaba access manager

The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...

6.9CVSS5.9AI score0.00058EPSS

Exploits0References3

Positive Technologies•added 2026/01/26 12:0 a.m.•4 views

PT-2026-4752

9.3CVSS5.9AI score0.00142EPSS

Exploits0References4

RedhatCVE•added 2025/12/11 11:4 p.m.•1 views

CVE-2025-67513

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. This is the apppassword parameter. Depending on local...

6.9CVSS6.6AI score0.00052EPSS

Exploits0References1

NVD•added 2025/12/10 11:15 p.m.•1 views

CVE-2025-67513

6.9CVSS0.00052EPSS

Exploits0References1

CVE•added 2025/12/10 10:43 p.m.•10 views

CVE-2025-67513

CVE-2025-67513 affects FreePBX Endpoint Manager (module for managing telephony endpoints in FreePBX). Versions prior to 16.0.96 and 17.0.1 through 17.0.9 use a weak default 6‑digit app_password, which can be brute-forced. Depending on local configuration, this password could grant access to the e...

6.9CVSS6.2AI score0.00052EPSS

Exploits0References1

Cvelist•added 2025/12/10 10:43 p.m.•17 views

CVE-2025-67513 FreePBX Endpoint Manager's Weak Default Password Allows Unauthenticated Access in Endpoint Module REST API

6.9CVSS0.00052EPSS

Exploits0References1

ATTACKERKB•added 2025/12/10 10:43 p.m.•2 views

CVE-2025-67513

6.9CVSS5.6AI score0.00052EPSS

Exploits0References2Affected Software1

EUVD•added 2025/12/10 10:43 p.m.•1 views

EUVD-2025-202640

6.9CVSS6AI score0.00052EPSS

Exploits0References1

Vulnrichment•added 2025/12/10 10:43 p.m.•2 views

CVE-2025-67513 FreePBX Endpoint Manager's Weak Default Password Allows Unauthenticated Access in Endpoint Module REST API

6.9CVSS6.2AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2025/12/10 12:0 a.m.•3 views

PT-2025-50554

6.9CVSS6.5AI score0.00052EPSS

Exploits0References3

CNNVD•added 2025/12/10 12:0 a.m.•4 views

FreePBX Endpoint Manager 安全漏洞

FreePBX Endpoint Manager is a centralized IP phone endpoint configuration module from the FreePBX open source. A security vulnerability exists in FreePBX Endpoint Manager versions prior to 16.0.96 and 17.0.1 through 17.0.9, which stems from a weak default password that can be brute-force broken...

6.9CVSS6.8AI score0.00052EPSS

Exploits0References2

OSV•added 2025/05/09 4:15 p.m.•1 views

CVE-2025-28200

Victure RX1800 ENV1.0.0r12110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address...

9.8CVSS5.8AI score0.00369EPSS

Exploits1References3

CNNVD•added 2025/05/09 12:0 a.m.•1 views

Victure RX1800 安全漏洞

The Victure RX1800 is a wireless router from Victure. A security vulnerability exists in the Victure RX1800 ENV1.0.0r12110933 version that stems from the use of a weak default password...

9.8CVSS6.7AI score0.00369EPSS

Exploits1References4

CNNVD•added 2025/02/06 12:0 a.m.•1 views

Smartcom SAM-4G1G-TT-W-VC和Smartcom SAM-4F1F-TT-W-A1 安全漏洞

The Smartcom SAM-4G1G-TT-W-VC and Smartcom SAM-4F1F-TT-W-A1 are both wireless routers from Smartcom. A security vulnerability exists in the Smartcom SAM-4G1G-TT-W-VC and Smartcom SAM-4F1F-TT-W-A1 that stems from a weak default WiFi password generation algorithm that could allow a remote attacker ...

5.7CVSS6.7AI score0.00072EPSS

Exploits0References2

Positive Technologies•added 2025/02/06 12:0 a.m.•3 views

PT-2025-5868 · Smartcom Bulgaria Ad · Smartcom Ralink Cpe/Wifi Router

Name of the Vulnerable Software and Affected Versions: Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router versions SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 Description: The issue allows a remote attacker to obtain sensitive information via the weak default WiFi password generation algorithm in WiFi...

5.7CVSS6.9AI score0.00072EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by