CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

CVE-2026-45431

CVE-2026-45431 affects GX Earth ONT models. The issue stems from improper handling of user-supplied input in multiple diagnostic functions within the web management interface, enabling an authenticated remote attacker to inject commands and achieve remote code execution with root privileges. The ...

PT-2026-46194

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

EUVD-2017-2827

Malware in sbrugna...

EUVD-2022-30505

Malicious code in bioql PyPI...

EUVD-2024-50560

Malicious code in bioql PyPI...

CVE-2022-25922

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2024-12054

ZF Roll Stability Support Plus RSSPlus is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess service seeds, which may allow an attacker to remotely proximal/adjacent with RF equipment or via pivot from J2497 telematics devices call diagnostic...

CVE-2024-12054 ZF Roll Stability Support Plus (RSSPlus) Authentication Bypass By Primary Weakness

ZF Roll Stability Support Plus RSSPlus is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess service seeds, which may allow an attacker to remotely proximal/adjacent with RF equipment or via pivot from J2497 telematics devices call diagnostic...

CVE-2022-25922

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

Authorization

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-25922 ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

Trailer Power Line Communications 安全漏洞

Trailer Power Line Communications is a bi-directional serial communications link on a vehicle power line from Transportation Systems Sector. A security vulnerability exists in Trailer Power Line Communications PLC J2497, which can be exploited by an attacker to perform diagnostic functions in the...

Trailer Power Line Communications (PLC) J2497

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Equipment: Power Line Communications PLC: J2497 a.k.a. PLC4TRUCKS Vulnerabilities: Missing Authentication for Critical Function, Improper Protection against Electromagnetic Fault Injection 2. RISK EVALUATION...

REDDOX Multiple Vulnerabilities

REDDOXX Appliance is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:reddoxx:reddoxappliance";...

ClearSCADA Remote Authentication Bypass

!/usr/bin/python cs-auby.py ClearSCADA Remote Authentication Bypass Exploit Jeremy Brown jbrown3264/gmail Oct 2010 released Jan 2015 There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the...