Lucene search
+L

6 matches found

Vulnrichment
Vulnrichment
added 2025/10/16 12:0 a.m.2 views

CVE-2025-60855

Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is...

7.5AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2025/10/16 12:0 a.m.20 views

CVE-2025-60855

CVE-2025-60855 affects Reolink Video Doorbell WiFi DB_566128M5MP_W. The vulnerability is due to insufficient validation of firmware update signatures, which could allow loading of malicious firmware and result in arbitrary code execution with root privileges. Some sources note the supplier disput...

5.1CVSS7.5AI score0.00117EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/22 1:22 p.m.14 views

CVE-2025-31355

A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS7AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 1:9 p.m.31 views

CVE-2025-31355

CVE-2025-31355 affects the Tenda AC6 V5.0 (V02.03.01.110) firmware. Talos reports a firmware update vulnerability in the Firmware Signature Validation function that allows an attacker to flash a malicious upgrade file, potentially executing arbitrary code. The analysis shows the device validates ...

9.8CVSS7.8AI score0.0028EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.11 views

PT-2025-34048 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: A firmware update vulnerability exists in the Firmware Signature Validation functionality. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicio...

9.8CVSS6.9AI score0.0028EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.7 views

CVE-2023-23772

Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a...

8.8CVSS7.4AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder