CVE-2025-7741

Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded password for the user account PROG used for CENTUM Authentication Mode within the system. Under the following conditions, there is a risk that an attacker could log in as the PROG user. The default...

CVE-2025-7741

Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded password for the user account PROG used for CENTUM Authentication Mode within the system. Under the following conditions, there is a risk that an attacker could log in as the PROG user. The default...

CVE-2025-7741

Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded password for the user account PROG used for CENTUM Authentication Mode within the system. Under the following conditions, there is a risk that an attacker could log in as the PROG user. The default...

PT-2026-28306

Name of the Vulnerable Software and Affected Versions CENTUM versions R5.01.00 through R5.04.20 CENTUM versions R6.01.00 through R6.12.00 CENTUM version R7.01.00 Description The affected software contains a hardcoded password for the PROG user account, used for CENTUM Authentication Mode. An...

EUVD-2025-206089

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47745

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47744

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains a hard-coded credentials issue in its Linux distribution, exposing remote root access via the static password 'Chameleon' over Telnet or SSH. Public sources note potential remote root compromise for affected devices; CVSS metrics in the entry indic...

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

CVE-2021-47745 Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware Upgrade

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47745

CVE-2021-47745 affects Cypress Solutions CTM-200 firmware 2.7.1. The authenticated command injection occurs in the firmware upgrade script via the fw_url parameter in ctm-config-upgrade.sh, allowing a remote attacker to inject and execute arbitrary commands with root privileges. CVSS metrics indi...

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

PT-2025-54426

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fw url' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary command...

Cypress Solutions CTM-200 操作系统命令注入漏洞

The Cypress Solutions CTM-200 is a wireless gateway from Cypress Solutions. An operating system command injection vulnerability exists in the Cypress Solutions CTM-200 version 2.7.1, which stems from an authenticated command injection in the fwurl parameter of the firmware upgrade script, which...

PT-2025-54425

Name of the Vulnerable Software and Affected Versions Cypress Solutions CTM-200/CTM-ONE version 1.3.6 Description The software contains a hard-coded credential issue in its Linux distribution, exposing root access. An attacker can exploit the static password 'Chameleon' to gain remote root access...

Cypress CTM-ONE 信任管理问题漏洞

The Cypress CTM-ONE is a wireless LTE gateway from Cypress Canada. A trust management issue vulnerability exists in Cypress CTM-ONE version 1.3.6, which stems from the presence of hard-coded credentials in the Linux distribution that could allow an attacker to gain remote root access...

CVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

ctm-academy.cz Cross Site Scripting vulnerability OBB-3867771

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

Command injection

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

PT-2024-13448 · Cypress Solutions · Ctm-200

Name of the Vulnerable Software and Affected Versions: Cypress Solutions CTM-200 versions 2.7.1.5600 and below Description: The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the cli text parameter. Recommendations: For versions 2.7.1.5600 and...