Exploit for CVE-2026-42167

CVE-2026-42167: SQL Injection en ProFTPD modsql 📋 Resumen...

EUVD-2018-11788

Malware in sbrugna...

EUVD-2014-3223

Malware in sbrugna...

EUVD-2025-4193

Malicious code in bioql PyPI...

CVE-2022-32998

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

CVE-2025-26410

Wattsense Bridge firmware prior to 6.4.1 contains hard-coded user/root credentials; recovered passwords enable login via the serial interface, leading to total compromise. The backdoor user has been removed in firmware BSP >= 6.4.1. Recommended remediation: update Wattsense Bridge firmware to ...

CVE-2025-26410 Weak Hard-coded Credentials

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via the login shell that is exposed by the serial interface. T...

PT-2025-6174 · Wattsense · Wattsense Bridge

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge versions prior to 6.4.1 Description: The firmware of all Wattsense Bridge devices contains the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered...

Another Malware with Persistence

Heres a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to China were engaged in a campaign to maintain long-term persistence by running malware...

Exploit for Cross-Site Request Forgery (CSRF) in Filebrowser

CVE-2021-46398 - Lalie ARNOUD, Gaspard ANDRIEU In this reposi...

CVE-2022-46609

Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well ...

CVE-2021-46398

A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...

PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers

Researchers are warning on an active ransomware campaign that’s targeting MySQL database servers. The ransomware, called PLEASEREADME, has thus far breached at least 85,000 servers worldwide – and has posted at least 250,000 stolen databases on a website for sale. MySQL is an open-source relation...

CVE-2019-8950

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET...

ELBA5 5.8.0 - Remote Code Execution

Exploit Title: ELBA5 5.8.0 - Remote Code Execution Date: 2018-11-16 Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software: https://www.elba.at/eBusiness/01template1/1206507788612244132-12065155957890496571206515641959948315-1292519691128454196-NA-38-NA.html...

ELBA5 5.8.0 - Remote Code Execution

ELBA5 5.8.0 - Remote Code Execution Exploit Title: ELBA5 5.8.0 - Remote Code Execution Date: 2018-11-16 Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software:...

ELBA5 5.8.0 - Remote Code Execution Exploit

Exploit Title: ELBA5 5.8.0 - Remote Code Execution Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software: https://www.elba.at/eBusiness/01template1/1206507788612244132-12065155957890496571206515641959948315-1292519691128454196-NA-38-NA.html Version: up to 5.8.0...

CVE-2014-3205

backupmgt/preconnectcheck.php in Seagate BlackArmor NAS contains a hard-coded password of '!@$$%FREDESWWSED' for a backdoor user...

CVE-2014-3205

backupmgt/preconnectcheck.php in Seagate BlackArmor NAS contains a hard-coded password of '!@$$%FREDESWWSED' for a backdoor user...

D-Link DSR-250N Persistent Root Access

D-Link DSR-250N has a backdoor account that allows for persistent root access. D-Link DSR-250N Persistent Root Access Router: D-Link DSR-250N Hardware Version: A1 Firmware Version: 1.05B73WW Arch: armv6l, Linux Author: 0o -- nullnull nu11.nu11 at yahoo.com Date: 2012-11-25 Purpose: Persistently...