Lucene search
K

40 matches found

CVE
CVE
added 2026/03/16 10:44 a.m.12 views

CVE-2025-15552

CVE-2025-15552 affects Truesec LAPSWebUI prior to version 2.4. The root cause is insufficient session expiration, which can allow a workstation-occupied attacker to escalate privileges by disclosure of the local admin password. The available connected sources corroborate a local-attack vector wit...

7.8CVSS5.8AI score0.00109EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-12106

Malicious code in bioql PyPI...

6.7CVSS6.5AI score0.00206EPSS
Exploits1References1
OSV
OSV
added 2023/11/30 11:15 p.m.7 views

CVE-2023-46384

LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device...

7.5CVSS5.9AI score0.01522EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.6 views

PT-2023-29993 · Loytec Electronics Gmbh · Linx Configurator

Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX Configurator all versions Description: The issue concerns insecure permissions in the LINX Configurator, where credentials are stored in cleartext. This allows remote attackers to disclose the admin password and...

7.5CVSS7.3AI score0.01522EPSS
Exploits2References8
ATTACKERKB
ATTACKERKB
added 2021/12/13 4:15 a.m.4 views

CVE-2021-40858

Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring...

6.8CVSS5.8AI score0.02394EPSS
Exploits4References4
OSV
OSV
added 2020/09/02 4:15 p.m.5 views

CVE-2020-25078

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure...

7.5CVSS7.4AI score0.97901EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2020/09/02 12:0 a.m.235 views

CVE-2020-25078

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. Recent assessments: kevthehermit at March 04, 2021 12:03am UTC reported: Vulnerability The D-LInk...

7.5CVSS8.2AI score0.97901EPSS
In wildExploits4References3
OSV
OSV
added 2020/04/22 3:15 p.m.4 views

CVE-2017-18777

Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 befor...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2019/06/13 7:29 p.m.5 views

CVE-2018-10946

An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI...

6.8CVSS5.8AI score0.00487EPSS
Exploits0References2
Prion
Prion
added 2018/08/29 7:29 p.m.17 views

Default credentials

An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account which is a low privilege account access, an attacker can intercept the response from a POST request to obtain "Admin" rights due to the admin password being displayed in XML...

2.7CVSS7.7AI score0.76507EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2018/08/29 7:29 p.m.3 views

CVE-2018-12710

An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account which is a low privilege account access, an attacker can intercept the response from a POST request to obtain "Admin" rights due to the admin password being displayed in XML...

8CVSS5.8AI score0.76507EPSS
Exploits4References2
VulnCheck KEV
VulnCheck KEV
added 2018/07/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-5521

Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server...

8.1CVSS7.4AI score0.89294EPSS
Exploits7References1
seebug.org
seebug.org
added 2018/04/03 12:0 a.m.43 views

DLink DIR-601 - Admin Password Disclosure(CVE-2018-5708)

Description Having local access to the network but being unauthenticated to the administrator panel, a user can disclose the built in Admin username/password to access the admin panel 2. Proof of Concept For proof of concept, the real Admin password is "thisisatest" Step 1: Access default...

7.8AI score0.0633EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/04/01 12:0 a.m.59 views

D-Link DIR-601 Admin Password Disclosure

Exploit Title: DLink DIR-601 Unauthenticated Admin password disclosure Google Dork: N/A Date: 12/24/2017 Exploit Author: Kevin Randall Vendor Homepage: https://www.dlink.com Software Link: N/A Version: Firmware: 2.02NA Hardware Version B1 Tested on: Windows 10 + Mozilla Firefox CVE : CVE-2018-570...

7.8AI score0.0633EPSS
Exploits5
0day.today
0day.today
added 2017/01/04 12:0 a.m.60 views

Netgear DGN2200 / DGND3700 / WNDR4500 Information Disclosure Vulnerability

Netgear models DGN2200, DGND3700, and WNDR4500 suffer from multiple information disclosure vulnerabilities, one of which leaks the admin password. Title: Netgear DGN2200, DGND3700 and WNDR4500 Multiple Information Disclosure Vulnerabilities Author: Mandar jadhav Vendor Homepage:...

8.4AI score0.27215EPSS
Exploits6
seebug.org
seebug.org
added 2016/06/20 12:0 a.m.14 views

Meteocontrol WEB’log - Admin Password Disclosure

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.89 views

Multiple Vulnerabilities found in ZHONE

Vantage Point Security Advisory 2015-002 ======================================== Title: Multiple Vulnerabilities found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA, 26xx, and 28xx series models Versions affected: S3.0.501...

9CVSS0.1AI score0.53364EPSS
Exploits6
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.31 views

ZHONE ZNID GPON < 3.1.241 Multiple Vulnerabilities

ZHONE ZNID GPON is vulnerable to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.9AI score0.53364EPSS
Exploits6References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

telepark wiki 2.4.23 - Multiple Vulnerabilities

No description provided by source. Abysssec Inc Public Advisory Title : Telepark Wiki Multiple Remote Vulnerabilities Affected Version : = v2.4.23 Vendor Site : www.teamtodo.com Discovery : www.Abysssec.com Vendor contact : 8 november Vendor response : 9 november patch is available in vendor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Portili Personal and Team Wiki <= 1.14 - Multiple Vulnerabilities

No description provided by source. Abysssec Inc Public Advisory Title : Portili Personal and Team Wiki Multiple Remote Vulnerabilities Affected Version : Portili Personal and Team Wik = 1.14 Vendor Site : www.Portili.com Discovery : www.Abysssec.com Vendor Contact : 10/4/2009 Vendor Response :...

7.1AI score
Exploits0
Rows per page
Query Builder