PT-2025-35469

Name of the Vulnerable Software and Affected Versions: D-Link DI-7400G+ version 19.12.25A1 Description: A security flaw exists in the D-Link DI-7400G+ router. The issue is located in the sub 478D28 function of the /mng platform.asp file. Manipulation of the addr argument with the input echo 12345...

Partner Software和Partner Software Partner Web 安全漏洞

Partner Software and Partner Software Partner Web are both products of Partner Software, a U.S.-based company.Partner Software is a geographic information system application.Partner Software Partner Web is a back-end system that provides review of reports on the Partner Software is a GIS...

CVE-2025-8231 D-Link DIR-890L UART Port rgbin hard-coded credentials

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-8231

CVE-2025-8231 affects the D-Link DIR-890L, up to firmware 111b04, where the issue involves processing the rgbin file in the UART Port. The root cause described across connected documents is hard-coded credentials exposed via this path, enabling a local/physical attack on the device. Public disclo...

CVE-2025-8231 D-Link DIR-890L UART Port rgbin hard-coded credentials

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device...

CVE-2025-7213

A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical...

CVE-2025-7214 FNKvision FNK-GU2 MD5 shadow risky encryption

A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the...

CVE-2025-7214 FNKvision FNK-GU2 MD5 shadow risky encryption

A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the...

CVE-2025-7213 FNKvision FNK-GU2 UART Interface on-chip debug and test interface with improper access control

A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical...

CVE-2025-6748 Bharti Airtel Thanks App files cleartext storage in a file or on disk

A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the...

CVE-2025-6748

The CVE-2025-6748 entry concerns Bharti Airtel Thanks App v4.105.4 on Android. Affected is an unknown function in the file /Android/data/com.myairtelapp/files/, where data is stored in cleartext on disk. The risk is local to the physical device and arises from cleartext storage in the app’s data ...

CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

CVE-2022-25809

Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...

CVE-2022-3349

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFATreadupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical...

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

CVE-2025-2920

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This issue affects some unknown processing of the file /еtc/passwd. The manipulation leads to use of weak hash. It is possible to launch the attack on the physical device. The complexity of an attack is rather...

CVE-2025-2921

A vulnerability classified as critical has been found in Netis WF-2404 1.1.124EN. Affected is an unknown function of the file /etc/passwd. The manipulation with the input Realtek leads to use of default password. It is possible to launch the attack on the physical device. The complexity of an...

CVE-2025-2922

CVE-2025-2922 affects Netis WF-2404 (firmware 1.1.124EN). The vulnerability involves an unknown BusyBox Shell functionality and results in cleartext storage of sensitive information when the attacker has physical access to the device. The attack vector is physical with HIGH complexity and require...

CVE-2025-2919

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...

CVE-2025-2920 Netis WF-2404 passwd weak hash

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This issue affects some unknown processing of the file /еtc/passwd. The manipulation leads to use of weak hash. It is possible to launch the attack on the physical device. The complexity of an attack is rather...