Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:31 a.m.5 views

CVE-2023-25187

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change factory-time installed default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server disable...

7CVSS7.1AI score0.00175EPSS
Exploits4References1
RedhatCVE
RedhatCVEadded 2025/11/19 10:23 a.m.2 views

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

9.8CVSS7.1AI score0.00117EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/18 12:30 p.m.2 views

EUVD-2025-197985

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

9.8CVSS6.7AI score0.00117EPSS
Exploits0References2
OSV
OSVadded 2025/11/18 11:15 a.m.1 views

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

9.8CVSS5.9AI score
Exploits0References1
NVD
NVDadded 2025/11/18 11:15 a.m.3 views

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

9.8CVSS0.00117EPSS
Exploits0References1
CVE
CVEadded 2025/11/18 10:17 a.m.11 views

CVE-2025-41733

The CVE-2025-41733 issue affects METZ CONNECT EWIO2-M, EWIO2-M-BM, and EWIO2-BM devices. The commissioning wizard does not validate whether the device is already initialized, enabling an unauthenticated remote attacker to construct HTTP POST requests to set root credentials, potentially gaining f...

9.8CVSS6.8AI score0.00117EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/11/18 10:17 a.m.3 views

CVE-2025-41733 Possible malfunction credential injection

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

9.8CVSS6.8AI score0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/11/18 12:0 a.m.1 views

PT-2025-47290

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description The commissioning wizard does not validate if the device is already initialized. This allows an unauthenticated remote attacker to construct HTTP POST requests to set or modify root credentials without...

9.8CVSS7AI score0.00117EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-27161

Malware in sbrugna...

7.9CVSS7.8AI score0.03684EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-34150

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00171EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-29151

Malicious code in bioql PyPI...

7CVSS6.8AI score0.00175EPSS
Exploits4References3
RedhatCVE
RedhatCVEadded 2025/05/24 7:11 p.m.6 views

CVE-2024-13954

Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.5CVSS6.7AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:54 a.m.5 views

CVE-2023-2686

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack...

9.8CVSS7.2AI score0.00171EPSS
Exploits0References1
NVD
NVDadded 2025/05/22 7:15 p.m.5 views

CVE-2024-13954

Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.5CVSS0.00094EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/05/22 6:30 p.m.8 views

CVE-2024-13954 Serialization / Deserialization of configuration data

Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.5CVSS0.00094EPSS
Exploits0References1
CVE
CVEadded 2025/05/22 6:30 p.m.39 views

CVE-2024-13954

CVE-2024-13954 describes an information disclosure in ABB ASPECT products where serialized configuration data can be exposed during device commissioning via the ASPECT configuration toolset. Affected: ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), MATRIX Series (through 3.*). Root ca...

6.5CVSS6.4AI score0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/05/22 6:13 p.m.5 views

CVE-2024-13947 External System or Configuration Control

Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS6.1AI score0.00291EPSS
Exploits0References1
OSV
OSVadded 2023/06/16 8:15 p.m.0 views

CVE-2023-25187

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change factory-time installed default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server disable...

7CVSS5.7AI score0.00175EPSS
Exploits4References3
ATTACKERKB
ATTACKERKBadded 2023/06/16 8:15 p.m.0 views

CVE-2023-25187

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change factory-time installed default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server disable...

7CVSS5.9AI score0.00175EPSS
Exploits4References4
NVD
NVDadded 2023/06/16 8:15 p.m.9 views

CVE-2023-25187

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change factory-time installed default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server disable...

7CVSS6.5AI score0.00175EPSS
Exploits4References3
Rows per page
Query Builder