Lucene search
K

243 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2026/04/24 12:0 a.m.3 views

D-Link DIR-823X Command Injection Vulnerability

D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function. The impacted product could be end-of-life EoL and/or end-of-service EoS...

7.2CVSS8.9AI score0.87239EPSS
In wildExploits1
EUVD
EUVD
added 2026/02/28 9:30 a.m.7 views

EUVD-2026-9100

Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...

8.7CVSS6AI score0.00384EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/30 5:23 a.m.6 views

Undocumented "TelnetEnable" functionality of End of Service NETGEAR products

Overview Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box. Inclusion of Undocumented Features or Chicken Bits CWE-1242 - CVE-2026-24714 Misato Ito, Daichi Uezono, Ryu Kuki, Iwaki Miyamoto, Takayuki Sasaki,...

8.7CVSS5.9AI score0.00228EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/30 3:53 a.m.31 views

CVE-2026-24714

Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...

8.7CVSS0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/01/30 3:53 a.m.52 views

CVE-2026-24714

The CVE-2026-24714 entry concerns end-of-service NETGEAR devices (notably PR2000) that expose an undocumented TelnetEnable feature. A magic packet on the LAN can activate the Telnet service, enabling interactive access. The Red Hat/NVD/JVN/CIRCL and CVE records confirm the existence of this funct...

8.7CVSS5.9AI score0.00228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.11 views

PT-2026-5376

Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description Certain end-of-service NETGEAR products feature a “TelnetEnable” functionality. This functionality permits a magic packet to activate the telnet service on the device, potentially leading to...

8.7CVSS7.1AI score0.00228EPSS
Exploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/17 12:0 a.m.18 views

ASUS Live Update Embedded Malicious Code Vulnerability

ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. The impacted produc...

9.8CVSS7.1AI score0.01084EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/12 12:0 a.m.5 views

Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger...

9CVSS7.1AI score0.27851EPSS
In wildExploits3
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/08 12:0 a.m.12 views

D-Link Routers Buffer Overflow Vulnerability

D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS7.5AI score0.57037EPSS
In wildExploits1
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/06 12:0 a.m.9 views

Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability

Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.3CVSS8.1AI score0.96889EPSS
In wildExploits14
CISA KEV Catalog
CISA KEV Catalog
added 2025/09/03 12:0 a.m.8 views

TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability

TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue produc...

6.5CVSS7AI score0.1745EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/09/03 12:0 a.m.29 views

TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability

TP-Link Archer C7EU and TL-WR841N/NDMS contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

8.6CVSS7.7AI score0.11747EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/09/02 12:0 a.m.7 views

TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability

TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by...

8.8CVSS8.7AI score0.20689EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/12 12:0 a.m.9 views

Microsoft Internet Explorer Resource Management Errors Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.3CVSS8.2AI score0.8593EPSS
In wildExploits18
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/05 12:0 a.m.9 views

D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability

D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator password disclosure. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

7.5CVSS7.6AI score0.97901EPSS
In wildExploits4
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/05 12:0 a.m.17 views

D-Link DNR-322L Download of Code Without Integrity Check Vulnerability

D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated attacker to execute OS level commands on the device. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

8.8CVSS8.7AI score0.31328EPSS
In wildExploits3
CISA KEV Catalog
CISA KEV Catalog
added 2025/06/16 12:0 a.m.28 views

TP-Link Multiple Routers Command Injection Vulnerability

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

8.8CVSS8.9AI score0.41874EPSS
In wildExploits3
VulnCheck KEV
VulnCheck KEV
added 2025/06/16 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-33538

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

8.8CVSS5.8AI score0.41874EPSS
Exploits3References1
CISA KEV Catalog
CISA KEV Catalog
added 2025/06/02 12:0 a.m.18 views

ASUS Routers Improper Authentication Vulnerability

ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to gain unauthorized access to the administrative interface. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...

9.8CVSS9.9AI score0.99393EPSS
In wildExploits1
VulnCheck KEV
VulnCheck KEV
added 2025/03/07 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-1316

Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue...

9.8CVSS7.8AI score0.7227EPSS
Exploits2References1
Rows per page
Query Builder