3 matches found
CVE-2025-67112
Use of a hard-coded AES-256-CBC key in the configuration backup/restore implementation of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote authenticated users to decrypt, modify, and re-encrypt device configurations, enabling credential manipulatio...
Trendnet AC2600 信任管理问题漏洞
The Trendnet AC2600 TEW-827DRU is a wireless router that has a security vulnerability that could be exploited by attackers to back up and restore device configurations through the management web interface. The devices are encrypted using the hard-coded password "12345678"...
Command injection
The configuration backup/restore function in Silver Peak Unity ECOSTM ECOS appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This...