8 matches found
EUVD-2025-28594
Malicious code in bioql PyPI...
CVE-2025-55591
TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint...
CVE-2025-55584
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2025-55585
The CVE-2025-55585 entry concerns TOTOLINK A3002R firmware 4.0.0-B20230531.1404 with an eval()-based injection vulnerability in the eval function, exposing potential code execution. Connected sources indicate the affected device and vulnerability type; PT-2025-33685 explicitly recommends updating...
CVE-2023-25758
Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.10.0 allow man-in-the-middle attackers to obtain the seed phase. The man-in-the-middle access can only be obtained after disassembling a device, i.e., here, "man-in-the-middle" does not refer to the attacker's position on an IP...
TP-Link TD-W8951ND - Multiple Vulnerabilities
Author: xistence. Affected products: Tested on TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Rel.30923. Affected vendors: ...
TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting
Author: xistence. Affected products: Tested on TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Rel.30923. Affected vendors: TP-Link http://www.tp-link.com/ ...