27 matches found
CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
EUVD-2025-201251
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
EUVD-2025-201252
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...
CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...
CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...
CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...
ALLNET ALL-RUT22GW v3.3.8 安全漏洞
ALLNET ALL-RUT22GW is a wireless router from ALLNET Germany. A security vulnerability exists in ALLNET ALL-RUT22GW v3.3.8, which stems from the inclusion of hard-coded credentials in the libicos.so library...
CVE-2025-29268
CVE-2025-29268 affects ALLNET ALL-RUT22GW v3.3.8. The flaw stores hardcoded credentials in the libicos.so library, aligning with the CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and a base score of 9.8 (CRITICAL). Impact spans confidentiality, integrity, and availability. Public referenc...
CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...
CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...
CVE-2025-29269
Summary: CVE-2025-29269 affects ALLNET ALL-RUT22GW v3.3.8 and is an OS command injection via the parameter named “command” in the popen.cgi endpoint. The vulnerability’s root cause is improper handling of the command parameter, enabling arbitrary command execution. Several sources corroborate the...
PT-2025-49120
Name of the Vulnerable Software and Affected Versions ALLNET ALL-RUT22GW version 3.3.8 Description The ALLNET ALL-RUT22GW device version 3.3.8 stores hardcoded credentials within the libicos.so library. These credentials are present in the library and could potentially be exposed. Recommendations...
PT-2025-49121
Name of the Vulnerable Software and Affected Versions ALLNET ALL-RUT22GW version 3.3.8 Description The ALLNET ALL-RUT22GW software contains an OS command injection issue. This occurs through the command parameter within the ''popen.cgi'' endpoint, allowing for potential unauthorized system access...
EUVD-2022-37715
Malicious code in bioql PyPI...
CVE-2022-34767
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...
CVE-2022-34767
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...
CVE-2022-34767
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...