206 matches found
CVE-2025-2771 BEC Technologies Multiple Routers Authentication Bypass Vulnerability
BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-2771 BEC Technologies Multiple Routers Authentication Bypass Vulnerability
BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-2771
CVE-2025-2771 concerns BEC Technologies routers with an authentication bypass in the web-based UI, allowing remote attackers to access functionality without credentials. The vulnerability stems from lack of authentication prior to accessing UI functions. Connected sources (ZDI advisory ZDI-25-184...
CVE-2025-2770 BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The...
CVE-2025-2770 BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The...
CVE-2025-2770
CVE-2025-2770 is linked to BEC Technologies Multiple Routers. The vulnerability arises from storing credentials in a recoverable (cleartext) format in the web-based user interface, allowing a remote attacker to disclose stored passwords after authentication. Exploitation details, affected models/...
BEC Routers 安全漏洞
BEC Routers is a series of routers from BEC USA. A security vulnerability exists in BEC Routers that stems from storing passwords in plaintext, which could lead to credential disclosure...
BEC Routers 安全漏洞
BEC Routers is a series of routers from BEC USA. A security vulnerability exists in BEC Routers that originates in the /cgi-bin/toolsusermanage.asp transfer of a list of user credentials, which could lead to the disclosure of sensitive information...
PT-2025-12849 · Bec Technologies · Bec Technologies Multiple Routers
Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to...
PT-2025-12847 · Bec Technologies · Bec Technologies Multiple Routers
Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns an authentication bypass vulnerability. It is reported to be a 0-day vulnerability, meaning it is being exploited in the wild before a fix is...
(0Day) BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/toolsusermanage.asp. The issue results from...
(0Day) BEC Technologies Multiple Routers Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication...
(0Day) BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
PT-2025-12846 · Bec Technologies · Bec Technologies Multiple Routers
Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns cleartext password storage, which leads to information disclosure. This affects BEC Technologies Multiple Routers, allowing unauthorized access ...
PT-2025-12848 · Bec Technologies · Bec Technologies Multiple Routers
Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns an information disclosure vulnerability due to insufficiently protected credentials. This could potentially allow unauthorized access to sensiti...
(0Day) BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in...
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved...
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise BEC scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to...
The massive computer outage over the weekend was not a cyber attack, and I’m not sure why we have to keep saying that
Youre not going to believe this, but there was a lot of misinformation on social media over the weekend after the massive CrowdStrike/Microsoft outage. As airlines cancelled flights, hospitals had to reschedule patients and some companies just flat-out couldnt work on Friday, people were quick to...
IR Trends: Ransomware on the rise, while technology becomes most targeted sector
Business email compromise BEC and ransomware were the top threats observed by Cisco Talos Incident Response Talos IR in the second quarter of 2024, together accounting for 60 percent of engagements. Although there was a decrease in BEC engagements from last quarter, it was still a major threat fo...