Lucene search
+L

14 matches found

CVE
CVE
added 2026/04/03 10:51 p.m.21 views

CVE-2017-20235

CVE-2017-20235 affects ProSoft Technology ICX35-HWC gateways (firmware version 1.3 and earlier). The issue is an authentication bypass in the web user interface that lets unauthenticated attackers access administrative functions and full device configuration without valid credentials. Affected co...

9.8CVSS5.9AI score0.00451EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/12 12:0 a.m.20 views

CVE-2026-25819

CVE-2026-25819 affects HMS Networks Ewon Flexy and Cosy+ devices. Vulnerable versions include Flexy firmware before 15.0s4, Cosy+ firmware 22.xx before 22.1s6, and Cosy+ firmware 23.xx before 23.0s3. The issue allows unauthenticated attackers with GUI access to trigger a specially crafted HTTP re...

7.5CVSS5.8AI score0.00483EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/07 12:20 a.m.5 views

CVE-2026-25070

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

9.3CVSS6.5AI score0.02999EPSS
Exploits0References3
NVD
NVD
added 2026/02/24 4:24 p.m.21 views

CVE-2026-27515

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions...

9.3CVSS0.00321EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 p.m.6 views

CVE-2021-20856

Cross-site scripting vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS6.5AI score0.00585EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.7 views

CVE-2021-27450

SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E all firmware versions prior to v04A00.1...

7.8CVSS7AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 1:15 a.m.4 views

CVE-2023-6229

Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07...

9.8CVSS6.1AI score0.01383EPSS
Exploits0References4
OSV
OSV
added 2023/12/23 9:15 a.m.7 views

CVE-2023-5961

A Cross-Site Request Forgery CSRF vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This...

8.8CVSS5.7AI score0.00373EPSS
Exploits1References1
Prion
Prion
added 2023/09/06 10:15 a.m.25 views

Design/Logic Flaw

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50JPV3230505', Archer C55 firmware versions prior to 'Archer C55JPV1230506', and Archer C20 firmwar...

5.2CVSS8AI score0.00398EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2022/09/12 12:0 a.m.7 views

Linksys E5350 访问控制错误漏洞

Linksys E5350 is a router from Linksys USA. An access control error vulnerability exists in the Linksys E5350 WiFi Router version 1.0.00.037 and prior versions. An attacker could exploit this vulnerability to access the device's web interface and extract sensitive information...

7.5CVSS7.4AI score0.00763EPSS
Exploits1References2
Prion
Prion
added 2021/03/25 8:15 p.m.18 views

Hardcoded credentials

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 all firmware versions prior to 02A04.1...

7.5CVSS9.6AI score0.01351EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/07 6:29 p.m.7 views

CVE-2018-5452

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro ProConOS v.4.01.280 firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547...

7.5CVSS6.2AI score0.02051EPSS
Exploits0References2
OSV
OSV
added 2017/05/06 12:29 a.m.5 views

CVE-2017-7909

A Use of Client-Side Authentication issue was discovered in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior. The web interface uses JavaScript to check client authentication and redirect unauthorized users. Attackers may intercept requests and bypass authentication to access...

9.8CVSS5.8AI score0.02616EPSS
Exploits0References2
exploitpack
exploitpack
added 2005/08/05 12:0 a.m.13 views

Lantronix Secure Console Server SCS820SCS1620 - Multiple Local Vulnerabilities

Lantronix Secure Console Server SCS820SCS1620 - Multiple Local Vulnerabilities source: https://www.securityfocus.com/bid/14486/info Lantronix Secure Console Server SCS820/SCS1620 devices are susceptible to multiple local vulnerabilities. The first issue is an insecure default permission...

0.7AI score
Exploits0
Rows per page
Query Builder