Lucene search
K

1303 matches found

Cvelist
Cvelist
added 2026/03/17 9:42 p.m.24 views

CVE-2026-32839 Edimax GS-5008PL <= 1.00.54 CSRF via Management CGI Endpoints

Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remote attackers to perform unauthorized administrative actions by inducing logged-in administrators to visit malicious pages. Attackers can exploit the lack of anti-CSRF tokens and...

5.1CVSS0.00208EPSS
Exploits0References3
CVE
CVE
added 2026/03/17 9:42 p.m.16 views

CVE-2026-32839

Edimax GS-5008PL firmware 1.00.54 and earlier is impacted by a cross-site request forgery (CSRF) vulnerability. The issue stems from lack of anti-CSRF tokens and insufficient request validation, enabling remote attackers to coerce logged-in administrators into performing actions via malicious pag...

6.5CVSS5.8AI score0.00208EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.11 views

PT-2026-25945

Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remote attackers to perform unauthorized administrative actions by inducing logged-in administrators to visit malicious pages. Attackers can exploit the lack of anti-CSRF tokens and...

6.5CVSS5.7AI score0.00208EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/05 1:22 a.m.6 views

CVE-2026-1633

The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device...

10CVSS5.4AI score0.0055EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.8 views

Synectix LAN 232 TRIO 访问控制错误漏洞

The Synectix LAN 232 TRIO is a serial-to-network converter developed by the British company Synectix. The Synectix LAN 232 TRIO has a access control vulnerability, which stems from the lack of authentication required for the web management interface. This vulnerability could allow unverified user...

10CVSS5.8AI score0.0055EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 11:2 p.m.38 views

CVE-2026-1633 Synectix LAN 232 TRIO Missing Authentication for Critical Function

The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device...

10CVSS0.0055EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 11:2 p.m.4 views

CVE-2026-1633 Synectix LAN 232 TRIO Missing Authentication for Critical Function

The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device...

10CVSS5.4AI score0.0055EPSS
Exploits0References2
ICS
ICS
added 2026/02/03 7:0 a.m.8 views

Synectix LAN 232 TRIO

RISK EVALUATION Successful exploitation of this vulnerability could result in an unauthenticated attacker modifying critical device settings or factory resetting the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

10CVSS5.6AI score0.0055EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.8 views

PT-2026-6051

Name of the Vulnerable Software and Affected Versions Synectix LAN 232 TRIO versions affected versions not specified Description The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter’s web management interface is accessible without authentication. This allows unauthenticated users to modify...

10CVSS5.6AI score0.0055EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/01/26 10:5 a.m.4 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References4
CVE
CVE
added 2026/01/26 10:5 a.m.17 views

CVE-2025-59103

CVE-2025-59103 concerns the Access Manager 92xx hardware revision K7. The Red Hat/NVD/CVE entries describe an SSH service exposed on port 22 with two users that have hardcoded and weak passwords, allowing SSH access. A key root-cause is that password randomization on first deployment is condition...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.11 views

PT-2026-4753

Name of the Vulnerable Software and Affected Versions Access Manager 92xx hardware revision K7 affected versions not specified Description The Access Manager 92xx hardware revision K7 utilizes a Linux-based operating system, differing from older revisions that used Windows CE. An SSH service is...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/22 5:34 p.m.6 views

CVE-2026-0834

Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...

8.8CVSS5.5AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2026/01/21 6:16 p.m.7 views

CVE-2026-0834

Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...

8.8CVSS0.00401EPSS
Exploits0References7
OSV
OSV
added 2026/01/21 6:16 p.m.6 views

CVE-2026-0834

Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and...

8.8CVSS6AI score0.00401EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/21 5:14 p.m.6 views

EUVD-2026-3601

Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and...

7.2CVSS5.7AI score0.00401EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/01/21 5:14 p.m.4 views

CVE-2026-0834 Logic Vulnerability on TP-Link Archer C20, Archer AX53 and TL-WR841N v13

Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...

7.2CVSS5.9AI score0.00401EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/21 5:14 p.m.2 views

CVE-2026-0834

Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...

8.8CVSS5.9AI score0.00401EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/01/21 5:14 p.m.24 views

CVE-2026-0834 Logic Vulnerability on TP-Link Archer C20, Archer AX53 and TL-WR841N v13

Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...

7.2CVSS0.00401EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3791

Name of the Vulnerable Software and Affected Versions TP-Link Archer C20 versions prior to V6 251031 TP-Link Archer AX53 version prior to V1 251215 Description A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent netwo...

8CVSS5.4AI score0.00401EPSS
Exploits0References10
Rows per page
Query Builder