EUVD-2026-23758

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...

CVE-2024-39707

Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without further authentication by default, which could lead to a possible roll-back attack in certain platforms. This is fixed in: kernel 5.2, version 05.29.19; kernel 5.3, version 05.38.19; kernel 5.4, version...

Vulnerabilities fixed in Rockwell Automation Power Monitor 1000

Rockwell Automation has fixed vulnerabilities in the Power Monitor 1000. The vulnerabilities are in the API of the Power Monitor 1000, which allows unauthorized users to configure new Policyholder users with high privileges. This allows attackers to edit existing users, create new administrators...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a 0x49 function that can restore the factory default settings of certain UEFI variabl...

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

Optilink Network OP-XT71000N 跨站请求伪造漏洞

The Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A cross-site request forgery vulnerability exists in the Optilink Network OP-XT71000N version V2.2, which stems from a vulnerability that allows an unauthenticated, remote attacker to reset the ONU to factory...

CVE-2020-23592

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...

GE General Electric Renewable Energy MDS Radios 资源管理错误漏洞

GE General Electric Renewable Energy MDS Radios is a family of industrial wireless solutions from General Electric GE. A resource management error vulnerability exists in GE General Electric Renewable Energy MDS iNET/iNET II/SD/TD220/TD220MAX Radios. An attacker using authentication code could...

Unspecified vulnerability in DEPSTECH WiFi Digital Microscope

DEPSTECH WiFi Digital Microscope is a wifi industrial endoscope from Shenzhen Shenhai Innovation Technology Co., Ltd. in China. DEPSTECH WiFi Digital Microscope 3 has a security vulnerability that allows remote attackers to change the SSID and password and demand a ransom from the legitimate devi...

CVE-2017-2877

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication...

Authentication flaw

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication...

Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities

No description provided by source. regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decodeOmFkbWlu; :admin...

CVE-2013-7183

cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to 1 cause a denial of service reboot via a defaultreboot action or 2 reset all configuration values via a factorydefault action...

CVE-2013-3688

The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to 1 cause a denial of service device reboot via a request to...

Design/Logic Flaw

The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to 1 cause a denial of service device reboot via a request to...

Thomson Wireless VoIP Cable Modem - Authentication Bypass

Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated Backup File Access, Plaintext Protocol...

Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)

Linksys WRT54G Firmware 1.00.9 - Security Bypass 1 regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print...

Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...

Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...