Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2026/06/22 4:29 p.m.20 views

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid's default...

6.2AI score
Exploits0
EUVD
EUVD
added 2026/03/18 12:30 a.m.7 views

EUVD-2026-12647

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

8.7CVSS5.8AI score0.00142EPSS
Exploits0References4
NVD
NVD
added 2026/03/17 10:16 p.m.6 views

CVE-2026-32838

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

8.7CVSS0.00142EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.13 views

PT-2026-25944

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

8.7CVSS5.8AI score0.00142EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/07/21 12:0 a.m.7 views

PT-2022-19268 · Axis · Axis M1125

Name of the Vulnerable Software and Affected Versions: Citilog version 8.0 Description: The server in Citilog allows an attacker, in a man-in-the-middle position between the server and its smart camera Axis M1125, to see FTP credentials in cleartext HTTP traffic. These credentials can be used for...

5.9CVSS5.5AI score0.00419EPSS
Exploits0References6
OSV
OSV
added 2022/05/20 1:15 p.m.6 views

CVE-2022-29874

A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device...

8.8CVSS7.1AI score
Exploits0References3
OSV
OSV
added 2019/02/09 10:29 p.m.3 views

CVE-2019-7675

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI...

7.5CVSS7.1AI score0.01057EPSS
Exploits1References1
Rows per page
Query Builder