133 matches found
CVE-2026-35075
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...
CVE-2026-35075
CVE-2026-35075: An unauthenticated remote attacker can recover a default, hard-coded password from a firmware image, gaining full access to all affected devices. The Connected documents confirm the vulnerability allows extraction of the credential from firmware and implies full device compromise;...
EUVD-2026-34071
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...
CVE-2026-35075 Hardcoded default Password for Service Account
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...
CVE-2026-35075
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...
CVE-2026-35075 Hardcoded default Password for Service Account
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...
CVE-2026-7786
Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services...
PT-2026-44970
Name of the Vulnerable Software and Affected Versions USR-W610 affected versions not specified Description The firmware of the Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter contains hard-coded administrative credentials stored in plaintext. These credentials...
CVE-2026-37540
A flaw was found in OpenAMP. An integer overflow vulnerability exists in the ELF loader's firmware image parsing, specifically within elfloader.c. This flaw occurs when multiplying two attacker-controlled 16-bit values from the ELF header without proper overflow checking. On 32-bit embedded...
EUVD-2026-28399
Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...
CVE-2026-7414
Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...
EUVD-2026-26693
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...
EUVD-2025-209317
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
CVE-2025-12007
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...
EUVD-2017-17205
Malware in sbrugna...
EUVD-2015-6470
Malware in sbrugna...
EUVD-2017-17199
Malware in sbrugna...
EUVD-2021-13188
Malware in sbrugna...
EUVD-2024-33599
Malicious code in bioql PyPI...
EUVD-2025-6038
Malicious code in bioql PyPI...