16 matches found
EUVD-2026-25395
DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits to perform brute-force attacks to gain control over the device...
CVE-2026-6947
The CVE-2026-6947 entry concerns the D-Link DWM-222W USB Wi‑Fi Adapter, where a Brute-Force Protection Bypass allows unauthenticated adjacent-network attackers to bypass login attempt limits and perform brute-force actions to gain control of the device. Affected component: login protection mechan...
CVE-2025-12547
A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability affects unknown code of the file /login.jsp of the component Admin Login Page. Such manipulation leads to improper restriction of excessive authentication attempts. The attack can be executed remotely...
CVE-2025-62399 Moodle: password brute force risk when mobile/web services enabled
Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks...
SolaX Cloud 安全漏洞
SolaX Cloud is a PV monitoring and management platform from SolaX China. A security vulnerability exists in SolaX Cloud that stems from a bypass of the Forgot Password feature, which could lead to an authentication attempt limit bypass...
Akinsoft MyRezzta Authentication Bypass Vulnerability
Aiseesoft is a technology company specializing in software development. An authentication bypass vulnerability exists in Akinsoft MyRezzta that stems from improperly limiting authentication attempts, and no detailed vulnerability details are available at this time...
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server programs allows a perpetrator to execute a brute-force attack.
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server EMS is related to the lack of authentication attempt limits. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...
PT-2024-4721 · Unknown · Сервис Обновлений
Name of the Vulnerable Software and Affected Versions: Сервис обновлений affected versions not specified Description: The issue is related to the SOAP request handler in the "Сервис обновлений" software, which lacks authentication attempt limits. This can be exploited by a remote attacker to gain...
The vulnerability of the FortiSIEM security management system lies in its insufficient authentication attempt limitation, which allows attackers to circumvent existing security restrictions.
The vulnerability of the FortiSIEM security management system is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions through brute-force attacks...
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats lies in its insufficient limitation on authentication attempts. This allows attackers to trigger a service denial.
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a speciall...
Schneider Electric Conext ComBox 安全漏洞
Schneider Electric Conext ComBox is a powerful communication and monitoring device from Schneider Electric, a French company. A security vulnerability exists in all versions of the Schneider Electric Conext ComBox that stems from an incorrect limit on the number of authentication attempts that...
CVE-2021-37934
Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account/login in Huntflow Enterprise before 3.10.14 could allow an unauthenticated, remote user to perform multiple login attempts for brute-force password guessing...
The vulnerability of the SCADA system of OIK Dispetchner NT is related to deficiencies in the mechanism for limiting the number of authentication attempts. This allows a violator to circumvent existing security restrictions by using brute-force attacks.
The vulnerability of the SCADA system of OIK Dispatching is related to deficiencies in the mechanism for limiting the number of authentication attempts. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions by using brute-force attacks...
The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 (HU250) automation systems for transformer substations lies in the improper limitation on the number of unsuccessful authentication attempts. This allows a perpetrator to gain full access.
The vulnerability of the microprogrammed control module software for automation of transformer substations in Schneider Electric Easergy T300 HU250 is related to an improper limitation on the number of unsuccessful authentication attempts. Exploiting this vulnerability can allow a malicious actor...
Атака "грубой силы" против Serv-U (bruteforcing)
Можно обойти защитный механизм, ограничивающий число попыткок, перемежая ввод имени и пароля с аннонимным логином...