Lucene search
K

324 matches found

The Hacker News
The Hacker News
added 2026/06/09 12:26 p.m.21 views

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu aka Gamaredon and SHADOW-EARTH-066 aka...

8.8CVSS5.6AI score0.85778EPSS
Exploits35
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.9 views

CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS5.5AI score0.00344EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-45432

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS5.5AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 12:16 p.m.11 views

CVE-2026-45432

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS0.00244EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 12:16 p.m.17 views

CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS0.00388EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:13 p.m.35 views

CVE-2026-45433 Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS0.00344EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:13 p.m.9 views

CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 12:13 p.m.9 views

CVE-2026-45433 Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:13 p.m.15 views

CVE-2026-45433

CVE-2026-45433 affects GX Earth 2022 ONT models. The issue is a hardcoded RSA private key embedded in device firmware, enabling a remote attacker to extract the key and potentially decrypt HTTPS traffic, enabling MITM attacks on the affected devices. The connected CVE listing documents this root ...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:7 p.m.9 views

CVE-2026-45432 Cleartext Transmission of Credentials Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:7 p.m.8 views

CVE-2026-45432

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 12:7 p.m.14 views

CVE-2026-45432

The CVE-2026-45432 entry describes a vulnerability in GX Earth ONT models where user credentials are transmitted in cleartext over HTTP in the device’s web management interface. This allows a remote attacker who can intercept network traffic to obtain sensitive authentication data, potentially le...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:7 p.m.38 views

CVE-2026-45432 Cleartext Transmission of Credentials Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:4 p.m.6 views

CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 12:4 p.m.8 views

CVE-2026-45431 Command Injection Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:4 p.m.36 views

CVE-2026-45431 Command Injection Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS0.00388EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 12:4 p.m.11 views

EUVD-2026-34247

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:4 p.m.34 views

CVE-2026-45431

CVE-2026-45431 affects GX Earth ONT models. The issue stems from improper handling of user-supplied input in multiple diagnostic functions within the web management interface, enabling an authenticated remote attacker to inject commands and achieve remote code execution with root privileges. The ...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.12 views

PT-2026-46194

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References2
Rows per page
Query Builder