EUVD-2017-17114
Malware in sbrugna...
EUVD-2019-7071
Malware in sbrugna...
EUVD-2023-53094
Malicious code in bioql PyPI...
SonicWALL SMA100 Security Vulnerability
The SonicWall SMA100 is a secure access gateway appliance from SonicWall USA. A path traversal vulnerability exists in the SonicWall SMA100, which can be exploited by an attacker to delete arbitrary files, resulting in a reboot of factory settings...
CVE-2023-49074
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated...
CVE-2023-49074
CVE-2023-49074 affects TP-Link AC1350 Omada Giga APs (EAP225 V3) running v5.1.0 Build 20220926. A TDDP-based vulnerability (V2 ENC_CMD_OPT subtype 0x49) allows an unauthenticated attacker to reset device settings to factory defaults by sending a crafted network request; a related TDDP_SPECIAL_CMD...
Dell OS Recovery Tool Security Vulnerability
Dell OS Recovery Tool is a system recovery tool. When the user's Dell computer fails to enter the system due to hard disk replacement/corruption or software reasons, the recovery USB flash drive created by Dell OS Recovery Tool can be used to restore the factory system settings of the Dell comput...
Tinycontrol LAN Controller 3 Denial Of Service Vulnerability
Tinycontrol LAN Controller v3 LK3 Remote Denial Of Service Exploit Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of a web page. The website presents readings of various types of...
Tinycontrol LAN Controller 3 Denial Of Service
Tinycontrol LAN Controller v3 LK3 Remote Denial Of Service Exploit Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of a web page. The website presents readings of various types of...
Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit
Summary Lan Controller is a very universal device that allows you to connect many different sensors and remotely view their readings and remotely control various types of outputs. It is also possible to combine both functions into an automatic if - this with a calendar when - then. The device...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android onCreate module has an authorization issue vulnerability that stems from a lack of permission checking in the onCreate module of ManagePermissionsActivity.java, with one possible way to bypass the Restore...
QSAN SANOS Operating System Command Injection Vulnerability
QSAN SANOS is the SAN storage management operating system from QSAN China. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed into any infrastructure. A security vulnerability exists in QSAN SANOS that stems from the QSAN SANOS Restore Factory Settings feature not filteri...
Improper access control
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restoring factory...
Cross-site request forgery (CSRF)
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file...
CVE-2019-16272
On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge adb enablement...
Design/Logic Flaw
On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge adb enablement...
Lousy IoT Security
DTEN makes smart screens and whiteboards for videoconferencing systems. Forescout found that their security is terrible: In total, our researchers discovered five vulnerabilities of four different kinds: Data exposure: PDF files of shared whiteboards e.g. meeting notes and other sensitive files...
Bitdefender BOX 2 bootstrap update_setup command execution vulnerability
Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution o...
CVE-2018-18377
goform/setReset on Orange AirBox Y858FL01.1604 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials...