Lucene search
K

206 matches found

Vulnrichment
Vulnrichment
added 2025/04/23 4:52 p.m.7 views

CVE-2025-2771 BEC Technologies Multiple Routers Authentication Bypass Vulnerability

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

5.3CVSS6.9AI score0.00735EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/23 4:52 p.m.14 views

CVE-2025-2771 BEC Technologies Multiple Routers Authentication Bypass Vulnerability

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

5.3CVSS0.00735EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 4:52 p.m.64 views

CVE-2025-2771

CVE-2025-2771 concerns BEC Technologies routers with an authentication bypass in the web-based UI, allowing remote attackers to access functionality without credentials. The vulnerability stems from lack of authentication prior to accessing UI functions. Connected sources (ZDI advisory ZDI-25-184...

5.3CVSS6.9AI score0.00735EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/23 4:51 p.m.4 views

CVE-2025-2770 BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability

BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The...

4.9CVSS5.9AI score0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/23 4:51 p.m.15 views

CVE-2025-2770 BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability

BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The...

4.9CVSS0.00387EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 4:51 p.m.55 views

CVE-2025-2770

CVE-2025-2770 is linked to BEC Technologies Multiple Routers. The vulnerability arises from storing credentials in a recoverable (cleartext) format in the web-based user interface, allowing a remote attacker to disclose stored passwords after authentication. Exploitation details, affected models/...

6.5CVSS4.8AI score0.00387EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/04/23 12:0 a.m.4 views

BEC Routers 安全漏洞

BEC Routers is a series of routers from BEC USA. A security vulnerability exists in BEC Routers that stems from storing passwords in plaintext, which could lead to credential disclosure...

6.5CVSS5AI score0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/23 12:0 a.m.5 views

BEC Routers 安全漏洞

BEC Routers is a series of routers from BEC USA. A security vulnerability exists in BEC Routers that originates in the /cgi-bin/toolsusermanage.asp transfer of a list of user credentials, which could lead to the disclosure of sensitive information...

6.5CVSS5.2AI score0.00359EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/25 12:0 a.m.8 views

PT-2025-12849 · Bec Technologies · Bec Technologies Multiple Routers

Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to...

7.2CVSS7.3AI score0.01844EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/03/25 12:0 a.m.11 views

PT-2025-12847 · Bec Technologies · Bec Technologies Multiple Routers

Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns an authentication bypass vulnerability. It is reported to be a 0-day vulnerability, meaning it is being exploited in the wild before a fix is...

5.3CVSS5.2AI score0.00735EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2025/03/25 12:0 a.m.8 views

(0Day) BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/toolsusermanage.asp. The issue results from...

5.3CVSS6AI score0.00359EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/03/25 12:0 a.m.14 views

(0Day) BEC Technologies Multiple Routers Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication...

5.3CVSS6.9AI score0.00735EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/03/25 12:0 a.m.8 views

(0Day) BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS7.5AI score0.01844EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/25 12:0 a.m.4 views

PT-2025-12846 · Bec Technologies · Bec Technologies Multiple Routers

Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns cleartext password storage, which leads to information disclosure. This affects BEC Technologies Multiple Routers, allowing unauthorized access ...

6.5CVSS4.9AI score0.00387EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/03/25 12:0 a.m.4 views

PT-2025-12848 · Bec Technologies · Bec Technologies Multiple Routers

Name of the Vulnerable Software and Affected Versions: BEC Technologies Multiple Routers affected versions not specified Description: The issue concerns an information disclosure vulnerability due to insufficiently protected credentials. This could potentially allow unauthorized access to sensiti...

5.3CVSS5AI score0.00359EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2025/03/25 12:0 a.m.6 views

(0Day) BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in...

4.9CVSS6AI score0.00387EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/03 9:10 a.m.10 views

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/06 4:10 p.m.27 views

INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore

INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise BEC scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2024/07/25 6:0 p.m.12 views

The massive computer outage over the weekend was not a cyber attack, and I’m not sure why we have to keep saying that

Youre not going to believe this, but there was a lot of misinformation on social media over the weekend after the massive CrowdStrike/Microsoft outage. As airlines cancelled flights, hospitals had to reschedule patients and some companies just flat-out couldnt work on Friday, people were quick to...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2024/07/25 10:0 a.m.62 views

IR Trends: Ransomware on the rise, while technology becomes most targeted sector

Business email compromise BEC and ransomware were the top threats observed by Cisco Talos Incident Response Talos IR in the second quarter of 2024, together accounting for 60 percent of engagements. Although there was a decrease in BEC engagements from last quarter, it was still a major threat fo...

7.5CVSS8.4AI score0.99903EPSS
Exploits18
Rows per page
Query Builder