Lucene search
+L

7788 matches found

nuclei
nuclei
added 6 hours ago53 views

Ruckus vRioT IoT Controller - Authentication Bypass

Ruckus vRioT through 1.5.1.0.21 contains an API backdoor caused by a hardcoded token in validatetoken.py,letting unauthenticated attackers interact with the API without authentication. id: CVE-2020-26879 info: name: Ruckus vRioT IoT Controller - Authentication Bypass author: DhiyaneshDk severity:...

10CVSS7AI score0.42479EPSS
Exploits1References6
nuclei
nuclei
added 6 hours ago101 views

The School Management < 9.9.7 - Remote Code Execution

The School Management plugin before version 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site. id: CVE-2022-1609 info: name: The School Management 9.9.7 -...

9.8CVSS7.4AI score0.64321EPSS
Exploits6References5
nuclei
nuclei
added 6 hours ago16 views

FatPipe WARP/IPVPN/MPVPN - Backdoor Account

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain an account named "cmuser" with administrative privileges and no password, letting attackers gain unauthorized admin access, exploit requires no authentication. id: CVE-2021-27856 info: name: FatPipe...

9.8CVSS7AI score0.05598EPSS
Exploits1References4
nuclei
nuclei
added 6 hours ago19 views

KevinLAB BEMS (Building Energy Management System) - Backdoor Account

KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highes...

9CVSS6.9AI score0.06719EPSS
Exploits2References2
nuclei
nuclei
added 6 hours ago100 views

Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. id: CVE-2019-7276 info: name: Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console author: daffainfo severity: critical description: | Optergy Proton/Enterprise devices allow Remote Root Cod...

10CVSS7.1AI score0.93384EPSS
Exploits7References4
nuclei
nuclei
added 6 hours ago22 views

WordPress Product Slider Pro for WooCommerce < 3.5.4 - Supply Chain Backdoor RCE

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4. id: CVE-2026-49777 info: name: WordPress Product Slider Pro f...

10CVSS6.1AI score0.01656EPSS
Exploits3References3
nuclei
nuclei
added 6 hours ago55 views

Sony IPELA Engine IP Camera - Hardcoded Account

Multiple SONY network cameras are vulnerable to sensitive information disclosure via hardcoded credentials. id: CVE-2016-7834 info: name: Sony IPELA Engine IP Camera - Hardcoded Account author: af001 severity: high description: | Multiple SONY network cameras are vulnerable to sensitive informati...

8.8CVSS7AI score0.03901EPSS
Exploits0References5
nuclei
nuclei
added 6 hours ago169 views

ZyXel USG - Hardcoded Credentials

A hardcoded credential vulnerability was identified in the 'zyfwp' user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP. id: CVE-2020-29583 info: name: ZyXel USG - Hardcoded Credentials autho...

10CVSS7.1AI score0.90049EPSS
Exploits2References5
ossf
ossf
added 3 days ago6 views

Malicious code in permcserver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf9fcdfd2e40ddb8c0aef4fa0fb93f2d0bcf3b0c00104057076f8013a70812d6 The package's main index.js is a 10-line FFI shim that spawns a worker, dlopens the bundled lib-linux.so via koffi, and immediately invokes the nativ...

6.3AI score
Exploits0References4
ossf
ossf
added 3 days ago7 views

Malicious code in node-fsmetrics-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9958558a30dea32a3b0fc2e48bb775433e1f12b339030a8d21872ad058bc28ff On require, index.js hex-decodes the URL http://152.53.120.90/cmd and starts a background loop that polls /cmd/commands, executes returned strings vi...

6.1AI score
Exploits0References2
osv
osv
added 3 days ago5 views

MAL-2026-10480 Malicious code in node-fsmetrics-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9958558a30dea32a3b0fc2e48bb775433e1f12b339030a8d21872ad058bc28ff On require, index.js hex-decodes the URL http://152.53.120.90/cmd and starts a background loop that polls /cmd/commands, executes returned strings vi...

6.1AI score
Exploits0References2
nuclei
nuclei
added 5 days ago30 views

D-Link Network Attached Storage - Backdoor Account

A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user...

10CVSS6.9AI score0.98038EPSS
Exploits2References2
metasploit
metasploit
added 6 days ago24 views

FTP Fetch, Windows Command Shell, Reverse All-Port TCP Stager

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options This module requires Metasploit: https://metasploit.com/download Current source:...

6.2AI score
Exploits0
ossf
ossf
added 6 days ago9 views

Malicious code in stella-coder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6 stella-cli/telegram-bot.mjs hardcodes a Telegram bot API token BOTTOKEN = "8923551485:AAFw4wG8ZwOtp5rzFsnguxhu4AH-2ebSi0" that is controlled by the...

6.2AI score
Exploits0References11
nvd
nvd
added 6 days ago8 views

CVE-2026-12685

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS0.00222EPSS
Exploits0References1
euvd
euvd
added 6 days ago6 views

EUVD-2026-42830

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS6AI score0.00222EPSS
Exploits0References1
attackerkb
attackerkb
added 6 days ago7 views

CVE-2026-12685

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS6AI score0.00222EPSS
Exploits0References1
cve
cve
added 6 days ago12 views

CVE-2026-12685

The CVE describes a backdoor in the EscortWP escortwp WordPress theme up to version 3.6.2. The backdoor is vendor-authored and obfuscated, allowing an unauthenticated attacker who supplies a hard-coded per-build key to permanently delete all site content. It also covertly transmits the site URL, ...

7.5CVSS5.8AI score0.00222EPSS
Exploits0References1
mssecure
mssecure
added 2026/07/09 3:0 p.m.18 views

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware

In this article 1. A wiper inside a backdoor 2. Backdoor capabilities 3. How GigaWiper was assembled 4. Conclusion: Multiple destructive capabilities consolidated into a single implant 5. Defending against destructive threats 6. Microsoft Defender detections 7. Indicators of compromise In October...

6.4AI score
Exploits0
nvd
nvd
added 2026/07/08 2:17 p.m.8 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
Rows per page
Query Builder