51884 matches found
Emerson Dixell XWEB-500 - Arbitrary File Write
Emerson Dixell XWEB-500 contains an arbitrary file write caused by unauthenticated access to /cgi-bin/logoextraupload.cgi, /cgi-bin/calsave.cgi, and /cgi-bin/loutils.cgi, letting attackers write any file on the system, exploit requires no authentication. id: CVE-2021-45420 info: name: Emerson...
LOYTEC LGATE-902 6.3.2 - Local File Inclusion
LOYTEC LGATE-902 6.3.2 is susceptible to local file inclusion which could allow an attacker to manipulate path references and access files and directories including critical system files that are stored outside the root folder of the web application running on the device. This can be used to read...
EUVD-2026-43542
Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. User interaction is not required to...
Malicious code in nodemon-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c506d75221403cde50b724defdd5c71441614ab87b54ff1ffa2a24af89678e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
A new phishing-as-a-service PhaaS operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle AitM tactics, antibot evasion, artificial intelligence AI-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed...
CVE-2026-22099
The charging station does not require authentication for Bluetooth commands to perform actions. The functionality exposed includes sensitive information leakage, triggering reboots, or pushing a firmware update URL...
Malicious code in tipsen-last-pls (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdcb8c863a7cdb4b0c61ff35c63613602654ae8cf581eb0b8c8e4bd0ed6c2f62 package.json declares a dependency safe-chain-test whose version specifier is a direct HTTPS tarball URL on an anonymous Cloudflare ephemeral tunnel:...
Malicious code in nottuff8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4281f3e1363cd272d402582ac8d7bf2a0c0e0a75d42827a227dafaedebdc87d9 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee11657fe74b7eef3139cfa2b9af453d122a4ae6a93964265354668c5c3b244b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1adec69437876499397efaf931f1aa569a8cb462462b673145b664c564701060 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-10304 Malicious code in howmanygreatbritain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66707a972e4b6d232236d552157967ca09de229587cb90ca80ab1a1cac83fd22 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in speed5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eec0d2d56f1e9730af8b7f3a7b8897e86491d48663f7b09ae7c716f6b3c0092 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...
MAL-2026-10295 Malicious code in bismillahitidakimas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbdeeb9f66b286397502ebf5d67dacf17f4cc4f58917fa9d201d799bb99c3e2c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10332 Malicious code in lowkeybored (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44a98aa46273662e37d16a9ce5fd2e003ae747c89301cbd03b1ba52bdbe81fca The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
WAVLINK - Access Control
Wavlink WN530HG4, WN531G3, WN533A8, and WN551K are susceptible to improper access control via /cgi-bin/ExportAllSettings.sh, where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform...
AnythingLLM - Information Disclosure
AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...
Brother MFC-L9570CDW - Information Disclosure
An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...
TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass
TOTOLINK EX1200T 4.1.2cu.5215 is susceptible to authentication bypass. An attacker can bypass login by sending a specific request through formLoginAuth.htm, thus potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-42887 info:...
YeaLink DM 3.6.0.20 - Remote Command Injection
Yealink Device Management DM 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. id: CVE-2021-27561 info: name: YeaLink DM 3.6.0.20 - Remote Command Injection author: shifacyclewala,hackergautam severity: critical description: Yealink...
CVE-2026-15513
A security flaw has been discovered in Wavlink WL-NU516U1 260515. This affects the function wlinkucisetvalue of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument lanip results in os command injection. The attack can be initiated remotely. The exploit has been released to the...