11 matches found
CVE-2025-14485
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-14485
CVE-2025-14485 affects EFM ipTIME A3004T 14.19.0. The vulnerability is in the Administrator Password Handlerโs show_debug_screen function (file /sess-bin/timepro.cgi). Manipulating the argument aaksjdkfj with input !@dnjsrureljrm*& enables command injection remotely. Public exploit content is ind...
EUVD-2025-202644
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-14485 EFM ipTIME A3004T Administrator Password timepro.cgi show_debug_screen command injection
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-10389
A security flaw has been discovered in CRMEB up to 5.6.1. Impacted is the function Save of the file app/services/system/admin/SystemAdminServices.php of the component Administrator Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack may be...
CRMEB ๆๆ้ฎ้ขๆผๆด
CRMEB is a Java mall system of CRMEB open source. An authorization issue vulnerability exists in CRMEB 5.6.1 and earlier versions, which stems from incorrect manipulation of the parameter ID of the component Administrator Password Handler in the file...
CVE-2025-6097
A vulnerability was found in UTT ่ฟๅ 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6097
A vulnerability was found in UTT ่ฟๅ 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6097 UTT ่ฟๅ 750W Administrator Password setSysAdm formDefineManagement unverified password change
A vulnerability was found in UTT ่ฟๅ 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2023-4169
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...
CVE-2023-4169 Ruijie RG-EW1200G Administrator Password set_passwd access control
A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...