Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

RedhatCVE
RedhatCVEadded 2025/12/05 12:9 a.m.12 views

CVE-2025-29268

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

9.8CVSS7.2AI score0.08072EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/12/04 12:0 a.m.2 views

CVE-2025-29269

ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...

7.7AI score0.02292EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/04 12:0 a.m.3 views

CVE-2025-29268

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

6.8AI score0.08072EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/04 12:0 a.m.16 views

CVE-2025-29268

ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library...

0.08072EPSS
Exploits1References3
CVE
CVEadded 2025/12/04 12:0 a.m.19 views

CVE-2025-29269

Summary: CVE-2025-29269 affects ALLNET ALL-RUT22GW v3.3.8 and is an OS command injection via the parameter named “command” in the popen.cgi endpoint. The vulnerability’s root cause is improper handling of the command parameter, enabling arbitrary command execution. Several sources corroborate the...

9.8CVSS7.7AI score0.02292EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2025/12/04 12:0 a.m.13 views

CVE-2025-29268

CVE-2025-29268 affects ALLNET ALL-RUT22GW v3.3.8. The flaw stores hardcoded credentials in the libicos.so library, aligning with the CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and a base score of 9.8 (CRITICAL). Impact spans confidentiality, integrity, and availability. Public referenc...

9.8CVSS6.8AI score0.08072EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-37715

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00529EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:55 p.m.4 views

CVE-2022-34767

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

9.8CVSS7AI score0.00529EPSS
Exploits0References1
NVD
NVDadded 2022/07/21 4:15 p.m.23 views

CVE-2022-34767

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

9.8CVSS0.00529EPSS
Exploits0References1
Prion
Prionadded 2022/07/21 4:15 p.m.16 views

Authorization

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

7.5CVSS9.4AI score0.00529EPSS
Exploits0References1
CVE
CVEadded 2022/07/21 3:37 p.m.69 views

CVE-2022-34767

The CVE-2022-34767 vulnerability affects ALLNET WR0500AC router devices. The issue resides in the wizardpwd.asp page, where the admin password can be accessed and changed without validating the user’s identity, enabling an authorization bypass that can be exploited publicly. Several sources descr...

9.8CVSS7.7AI score0.00529EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder