59 matches found
CVE-2026-8598
CVE-2026-8598 affects ZKTeco CCTV cameras with an undocumented configuration export port that is reachable without authentication. This exposes sensitive data including open services and camera administrator credentials. Reported impact is high (CVSS 3.1/4.0: CRITICAL). Public sources indicate un...
ZKTeco CCTV Cameras 安全漏洞
ZKTeco CCTV Cameras are a series of network video surveillance cameras designed for security monitoring scenarios by ZKTeco Technology Co., Ltd. ZKTeco CCTV cameras have security vulnerabilities; these vulnerabilities stem from an unrecorded configuration export port that can be accessed without...
ZKTeco CCTV Cameras
ADVISORY SUMMARY Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...
EUVD-2026-9823
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...
Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations
Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, it said, commenced on January 15, 2026, adding it shares similarities with a December 2025 campaig...
EUVD-2020-19674
Malware in sbrugna...
EUVD-2021-26389
Malware in sbrugna...
EUVD-2024-44175
Malicious code in bioql PyPI...
EUVD-2023-24195
Malicious code in bioql PyPI...
EUVD-2025-22955
Malicious code in bioql PyPI...
EUVD-2023-26552
Malicious code in bioql PyPI...
CVE-2025-54766
An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...
CVE-2025-54766 KL-001-2025-012: Xorux XorMon-NG Read Only User Export Device Configuration Exposing Sensitive Information
An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...
CVE-2025-54766
Xorux XorMon-NG has a privilege-API endpoint that should be admin-only but is accessible to lower-level read-only users, enabling export of the appliance configuration. Technical description from KoreLogic (KL-001-2025-012) and corroborated by multiple sources shows affected Version: 1.8 and prio...
CVE-2020-27150
In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” doesn’t set...
CVE-2019-19699
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...
DRUPAL-CONTRIB-2025-017
This module enables you to create super sets of configuration and enable them conditionally, for example have some modules installed only in some environments. The module does not use Cross Site Request Forgery CSRF tokens to protect routes for enabling or disabling a split. This vulnerability is...
CVE-2024-52884
An issue was discovered in AudioCodes Mediant Session Border Controller SBC before 7.40A.501.841. Due to the use of weak password obfuscation/encryption, an attacker with access to configuration exports INI is able to decrypt the passwords...
AudioCodes Mediant Session Border Controller 安全漏洞
AudioCodes Mediant Session Border Controller AudioCodes Mediant SBC is a session border controller from AudioCodes, Inc. A security vulnerability exists in AudioCodes Mediant Session Border Controller SBC versions prior to 7.40A.501.841, which stems from the use of weak password obfuscation, wher...
Hitachi Energy TRO600 安全漏洞
The Hitachi Energy TRO600 is a series of routers from Hitachi, Ltd. of Japan Hitachi. It enables a scalable, flexible and secure hybrid wireless communications architecture. A security vulnerability exists in the Hitachi Energy TRO600 that stems from the configuration files of the TRO600 series o...