19 matches found
EUVD-2021-21198
Malware in sbrugna...
EUVD-2018-0919
Malware in sbrugna...
CVE-2025-52376
CVE-2025-52376 affects Nexxt Solutions NCM-X1800 Mesh Router (firmware UV1.2.7 and below). The vulnerability is an authentication bypass in the /web/um_open_telnet.cgi endpoint that remotely enables Telnet without authentication. The Telnet service then uses hard-coded credentials (telnetadmin:te...
CVE-2025-24333
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added...
CVE-2025-24333 Administrative user shell input validation fault
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added...
CVE-2021-34546
An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...
Siemens SICAM A8000 Use of Hard-Coded Credentials (CVE-2021-45033)
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses hard-cod...
CVE-2022-3203 ORing net IAP-420(+) Hidden Functionality
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
CVE-2022-3203 ORing net IAP-420(+) Hidden Functionality
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
PT-2022-21056 · Oring · Oring Net Iap-420
Name of the Vulnerable Software and Affected Versions: ORing net IAP-420+ version 2.0m Description: The issue allows unauthorized access to the device via telnet, using hardcoded credentials, which provides an administrative shell. These credentials reset to defaults with every reboot, allowing...
CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
CVE-2021-34546
An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...
Design/Logic Flaw
An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...
UCOPIA Wi-Fi appliances OS Command Injection Vulnerability
A security vulnerability exists in Ucopia Express 6.0.5 that allows an authenticated, remote attacker to escape the restricted administrative shell CLI and access a shell with admin user privileges via unprotected less commands...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
Design/Logic Flaw
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
CVE-2018-0095
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...
SOL05770600 - Linux libuser vulnerability CVE-2015-3246
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...