13 matches found
CVE-2026-27516
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid credentials...
CVE-2026-27517
CVE-2026-27517 affects Binardat 10G08-0800GSM network switch firmware up to version V300SP10260209. The flaw stems from unsanitized user input in the web interface, enabling an attacker to inject and execute arbitrary JavaScript within an authenticated user’s context (XSS). The CVE details do not...
CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...
CVE-2026-24441
Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material...
CVE-2026-24441
Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material...
CVE-2026-23699
The CVE-2026-23699 entry affects Ruijie Networks AP180 series (firmware versions prior to AP_RGOS 11.9(4)B1P8). The vulnerability is an OS command injection in the device, enabling arbitrary OS commands to be executed when exploited by a user with administrative privileges via the affected interf...
Zyxel NBG-418N v2 安全漏洞
The Zyxel NBG-418N v2 is a wireless router from China Hopkins Zyxel. A security vulnerability exists in the Zyxel NBG-418N v2 firmware version prior to V1.00. An attacker could exploit this vulnerability to cause a buffer overflow...
CVE-2022-43390
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15ACCC.3C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request...
CVE-2022-3187
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read...
CVE-2022-34747
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21AAZF.12C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...
CVE-2021-26572
The Baseboard Management Controller BMC firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function...
ASUS RT-AC * and RT-N * Information Disclosure Vulnerability (CNVD-2017-06426)
ASUS RT-AC and RT-N are two router products. An information disclosure vulnerability exists in the ASUS RT-AC and RT-N firmware prior to 3.0.0.4.380.7378. An attacker can exploit the vulnerability to obtain sensitive information...
CVE-2016-1473
Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216...