KevinLAB BEMS (Building Energy Management System) - Backdoor Account

KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highes...

CVE-2026-30496

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration 74 endpoints and writing/modifying settings including volume, mute,...

CVE-2025-57440

The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which accepts unauthenticated plaintext commands for controlling streaming, recording, formatting storage devices, and system reboot. This interface, referred to as the "ATEM Ethernet Protocol 1.0", provides...

Amp'ed RF BT-AP 111 Bluetooth access point lacks an authentication mechanism

Overview The Amp’ed RF BT-AP 111 Bluetooth Access Point exposes an HTTP-based administrative interface without authentication controls. This allows an unauthenticated remote attacker to gain full administrative access to the device. Description The Amp’ed RF BT-AP 111 is a Bluetooth-to-Ethernet...

Unitree Go 1 安全漏洞

Unitree Go 1 is a robotic dog from the Chinese company Unitree. Unitree Go 1 suffers from a security vulnerability that stems from an undocumented backdoor that could lead to full remote control of the device by the manufacturer or a person in possession of an API key...