12 matches found
CVE-2026-25715
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-25715
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-25715
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements
The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...
CVE-2026-25715
CVE-2026-25715 affects the embedded web management interface of the Jinan USR IOT USR-W610. The vulnerability allows an administrator username/password to be set to blank values, enabling authentication with empty credentials over HTTP(S) web management and Telnet. This effectively disables authe...
EUVD-2025-201260
Waveshare RS232/485 TO WIFI ETH B Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to set the Administrator password and username as blank values, allowing attackers to bypass authentication...
CVE-2025-63362
The CVE-2025-63362 affects Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway, firmware V3.1.1.0 (HW 4.3.2.1, webpage V7.04T.07.002880.0301). The issue allows an attacker to set the Administrator password and username to blank values, enabling authentication bypass. Documented b...
EUVD-2002-0300
Malware in sbrugna...
CVE-2024-22179
The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change...
PT-2024-19258 · Electrolink · Compact Dab Transmitter +6
Name of the Vulnerable Software and Affected Versions: Application affected versions not specified Description: The issue allows an attacker to perform an unauthenticated parameter manipulation. This manipulation enables the attacker to set credentials to blank, thereby gaining access to the admi...
CVE-2019-20027
Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account...