CVE-2025-10641

EfficientLab WorkExaminer Professional suffers unencrypted traffic across its monitoring stack. The CVE-2025-10641 description (confirmed across multiple sources) states that all communications between monitoring client, console, and server are transmitted in clear text, including unencrypted FTP...

EUVD-2002-0533

Malware in sbrugna...

EUVD-2023-45263

Malicious code in bioql PyPI...

CVE-2023-1834

Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports...

CVE-2024-39794

Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

CVE-2024-39794

Wavlink AC3000 (M33A8.V5030.210505) is affected by multiple external config control vulnerabilities in the nas.cgi set_nas() proftpd functionality. The issues allow configuration injection via ftp_port and related FTP settings (ftp_name, ftp_port, ftp_max_sessions, etc.) and can enable permission...

PT-2025-2573 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple external config control vulnerabilities exist in the nas.cgi set nas proftpd functionality. A specially crafted HTTP request can lead to permission bypass. An attacker can make a...

CVE-2023-40708

The File Transfer Protocol FTP port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files...

CVE-2023-40708 Improper Access Control in OPTO 22 SNAP PAC S1

The File Transfer Protocol FTP port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files...

OPTO 22 SNAP PAC S1 安全漏洞

The OPTO 22 SNAP PAC S1 is a controller from OPTO 22 USA. A security vulnerability exists in the OPTO 22 SNAP PAC S1 R10.3b firmware version that stems from the File Transfer Protocol FTP port being open by default, allowing an attacker to access certain device files...

SUSE CVE-2001-0405

ipconntrackftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall...

CVE-2022-2103

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories...

CVE-2022-2103 Secheron SEPCOS Control and Protection Relay

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories...

CVE-2022-2103 Secheron SEPCOS Control and Protection Relay

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories...

CVE-2022-2103

The CVE-2022-2103 vulnerability affects Secheron SEPCOS Control and Protection Relay. Affected firmware: SEPCOS Single Package before 1.23.22, before 1.24.8, and before 1.25.3. Attack vector involves an attacker with weak credentials accessing the TCP port via FTP to read sensitive files and writ...

OESA-2022-1566 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

Trojan-Dropper.Win32.SVB.cz Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d57536189430fd75e45f53845e9b3f94.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.SVB.cz Vulnerability: Authentication Bypass RCE Description: The malware listen...

Security update for uftpd (important)

openSUSE Security Update: Security update for uftpd Announcement ID: openSUSE-SU-2020:0069-1 Rating: important References: 1160199 Cross-References: CVE-2020-5204 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for uftpd to...

Schneider-electric Quantum Unspecified Vulnerability

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...

Lutron Quantum 3.2.243 Information Disclosure

Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...