CVE-2026-43617 Rsync < 3.4.3 Authorization Bypass via Hostname Resolution

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

PT-2025-18701 · Tenda · Tenda Rx2 Pro

Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14 Description: The issue concerns the use of weak credentials, allowing an unauthenticated attacker to authenticate to the telnet service. This is achieved by calculating the root password based on easily...

CVE-2025-25873

Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker to escalate privileges via the Change Root Password function...

CVE-2025-25873

Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker to escalate privileges via the Change Root Password function...

CVE-2025-25873

Open Panel OpenAdmin v0.3.4 is vulnerable to Cross Site Request Forgery (CSRF) that can escalate privileges via the Change Root Password function and related user-management actions. The CVE-2025-25873 entry documents a CSRF flaw enabling privilege elevation without requiring user interaction on ...

CVE-2025-25873

Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker to escalate privileges via the Change Root Password function...

MiniDVBLinux 5.4 Change Root Password Vulnerability

MiniDVBLinux 5.4 Change Root Password PoC Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus...

CVE-2020-11964

In IQrouter through 3.3.1, the Lua function diagsetpassword in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration which has a...

AtheOS 0.3.7 Change Root Relative Path Directory Escaping Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4051/info AtheOS is a freely available, open source operating system. It is distributed under the GPL, and maintained by the AtheOS project. It is possible to escape change rooted directories on AtheOS. Due to insufficien...

AtheOS 0.3.7 - Change Root Directory Escaping

AtheOS 0.3.7 - Change Root Directory Escaping / source: https://www.securityfocus.com/bid/4051/info AtheOS is a freely available, open source operating system. It is distributed under the GPL, and maintained by the AtheOS project. It is possible to escape change rooted directories on AtheOS. Due ...

AtheOS 0.3.7 - Change Root Directory Escaping

/ source: https://www.securityfocus.com/bid/4051/info AtheOS is a freely available, open source operating system. It is distributed under the GPL, and maintained by the AtheOS project. It is possible to escape change rooted directories on AtheOS. Due to insufficient handling of relative pathes, a...