5 matches found
CVE-2026-7786
Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services...
CVE-2025-8816 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setOpMode stack-based overflow
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch the attack remotely...
CVE-2024-36080
Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
Westermo EDW-100
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Westermo Equipment : EDW-100 Vulnerabilities : Use of Hard-coded Password, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
CVE-2024-36081
Westermo EDW-100 serial-to-Ethernet converter is affected by CVE-2024-36081. An unauthenticated GET request can download the device configuration, exposing cleartext usernames and passwords. Impact is rated CVSS v3.1 9.8 (CRITICAL) with network access, no user interaction. Affected firmware up to...