5445 matches found

NVD
added 2025/05/01 8:15 p.m. · 14 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

7.3 CVSS · 0.00197 EPSS
Exploits: 1 · References: 2

Metasploit
added 2025/05/01 6:50 p.m. · 471 views

LDAP Password Disclosure

This module will gather passwords and password hashes from a target LDAP server via multiple techniques including Windows LAPS. For best results, run with SSL because some attributes are only readable over encrypted connections. Module Options msf use auxiliary/gather/ldappasswords msf...

5.5 AI score
Exploits: 0

CNNVD
added 2025/05/01 12:00 a.m. · 2 views

Tenda RX2 Pro Security Vulnerability

Tenda RX2 Pro is a high performance WiFi 6 signal amplifier from Tenda China. An information disclosure vulnerability exists in Tenda RX2 Pro version 16.03.30.14, which can be exploited by an attacker to potentially cause decryption of encrypted messages...

6.5 CVSS · 6.4 AI score · 0.00266 EPSS
Exploits: 1 · References: 2

Vulnrichment
added 2025/05/01 12:00 a.m. · 7 views

CVE-2025-46632

Initialization vector IV reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server...

6.4 AI score · 0.00266 EPSS
Exploits: 1 · References: 2

CVE
added 2025/05/01 12:00 a.m. · 62 views

CVE-2025-46632

CVE-2025-46632 affects Tenda RX2 Pro (firmware 16.03.30.14). The issue is IV reuse in the web management portal, enabling an attacker to discern information about, or more easily decrypt, messages between client and server. The exploitation details are not provided in the documents, but the CVSS ...

6.5 CVSS · 6.4 AI score · 0.00266 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2025/05/01 12:00 a.m. · 9 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

0.00197 EPSS
Exploits: 1 · References: 2

RedhatCVE
added 2025/04/30 10:09 a.m. · 22 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1 CVSS · 7 AI score · 0.00312 EPSS
Exploits: 0 · References: 1

NVD
added 2025/04/28 10:15 a.m. · 16 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1 CVSS · 0.00312 EPSS
Exploits: 0 · References: 1

Cvelist
added 2025/04/28 9:37 a.m. · 26 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1 CVSS · 0.00312 EPSS
Exploits: 0 · References: 1

Vulnrichment
added 2025/04/28 9:37 a.m. · 14 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1 CVSS · 7 AI score · 0.00312 EPSS
Exploits: 0 · References: 1

CVE
added 2025/04/28 9:37 a.m. · 96 views

CVE-2025-3200

CVE-2025-3200 affects the Com-Server component, where an unauthenticated remote attacker could exploit the use of insecure TLS 1.0 and TLS 1.1 to intercept and manipulate encrypted communications between the Com-Server and connected systems. The issue stems from weak cryptographic protocol suppor...

9.1 CVSS · 7.1 AI score · 0.00312 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/04/28 12:00 a.m. · 2 views

Wiesemann & Theis Com-Server Cryptographic Issue Vulnerability

Wiesemann & Theis Com-Server is a communication server for industrial automation from Wiesemann & Theis that provides connectivity between serial devices and Ethernet. A cryptographic issue vulnerability exists in Wiesemann & Theis Com-Server versions prior to 1.60 that stems from the use of...

9.1 CVSS · 6.4 AI score · 0.00312 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/04/28 12:00 a.m. · 2 views

PT-2025-18058 · Unknown · Com-Server

Name of the Vulnerable Software and Affected Versions: Com-Server (affected versions not specified). Description: An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connecte...

9.1 CVSS · 6.2 AI score · 0.00312 EPSS
Exploits: 0 · References: 16

BDU FSTEC
added 2025/04/28 12:00 a.m. · 3 views

A vulnerability in the Gladinet CentreStack secure file-sharing software platform stems from the use of hard-coded user credentials and allows an attacker to execute arbitrary code.

A vulnerability in the Gladinet CentreStack file-sharing software platform stems from the use of hard-coded user credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.4 AI score · 0.92287 EPSS
Exploits: 6 · References: 3 · Affected Software: 1

OSV
added 2025/04/25 2:06 p.m. · 5 views

OESA-2025-1452 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. CVE-2024-49504...

7 CVSS · 6.9 AI score · 0.00328 EPSS
Exploits: 0 · References: 2

BDU FSTEC
added 2025/04/25 12:00 a.m. · 3 views

A vulnerability in the UNI-NMS-Lite network management system stems from the use of hard-coded account credentials and allows an attacker to elevate their privileges to administrator level.

A vulnerability in the UNI-NMS-Lite network management system stems from the use of hard-coded account credentials. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to administrator level...

10 CVSS · 8 AI score · 0.0048 EPSS
Exploits: 0 · References: 7 · Affected Software: 3

BDU FSTEC
added 2025/04/24 12:00 a.m. · 3 views

A vulnerability in the Telnet service of the TOTOLINK A810R router firmware allows an intruder to disclose protected information.

A vulnerability in the Telnet service of the TOTOLINK A810R router firmware stems from the use of hard-coded login credentials. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

6.5 CVSS · 5.4 AI score · 0.00244 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

HackRead
added 2025/04/23 1:10 p.m. · 13 views

Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE

Lattica’s cloud-based solution uses Fully Homomorphic Encryption to query encrypted data on AI models without decrypting it, preserving privacy and bolstering security...

7.3 AI score
Exploits: 0

BDU FSTEC
added 2025/04/22 12:00 a.m. · 6 views

A vulnerability in the Four-Faith F3x36 router firmware, which stems from the use of hard-coded login credentials, allows an intruder to gain unauthorized access to protected information.

A vulnerability in the Four-Faith F3x36 router firmware stems from the use of hard-coded login credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through specially crafted HTT...

10 CVSS · 7.7 AI score · 0.0296 EPSS
Exploits: 0 · References: 4 · Affected Software: 1

Snyk
added 2025/04/21 4:17 p.m. · 2 views

Race Condition

Overview: Affected versions of this package are vulnerable to Race Condition due to a race condition in the traffic processing mechanism. An attacker can intercept and read packets that should be encrypted. Remediation: Upgrade github.com/cilium/cilium/bpf to version 1.15.16, 1.16.9, 1.17.3 or...

6.3 CVSS · 6.8 AI score · 0.00118 EPSS
Exploits: 0 · References: 3