PT-2025-26661

Name of the Vulnerable Software and Affected Versions: Blue Angel Software Suite affected versions not specified Description: A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and...

VulnCheck KEV: CVE-2025-34033

An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the pingaddr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can...

VulnCheck KEV: CVE-2025-34034

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege...

ABB M2M Gateway Information Disclosure in embedded Linux Kernel for some AMD CPUs (CVE-2023-20593)

An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2022-42703)

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anonvma double reuse. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

ABB M2M Gateway Memory Corruption in embedded Linux Kernel (CVE-2022-43750)

drivers/usb/mon/monbin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 8090...

ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2023-32233)

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. This plug...

[SECURITY] Fedora 42 Update: dropbear-2025.88-1.fc42

Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux or other Unix systems, such as wireless routers...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

CVE-2019-18828

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password...

[SECURITY] Fedora 42 Update: libell-0.74-1.fc42

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

CVE-2025-1143

Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system...

CVE-2025-1143

CVE-2025-1143 affects Billion Electric routers (M100, M150, M120N). Public records describe hard-coded embedded Linux credentials in the SSH service, allowing an attacker with local access to log in and obtain root privileges. The CVSS 3.1 vector indicates local access, low attack complexity, and...

CVE-2025-1143 Billion Electric M120N - Use of Hard-coded Credentials

Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system...

CVE-2020-11549

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting...

[SECURITY] Fedora 40 Update: libell-0.71-1.fc40

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

[SECURITY] Fedora 41 Update: libell-0.71-1.fc41

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

[SECURITY] Fedora 41 Update: libell-0.69-1.fc41

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

[SECURITY] Fedora 40 Update: libell-0.69-1.fc40

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

Fedora: Security Advisory for qt5-qtx11extras (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...