EUVD-2025-208540

Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

EUVD-2025-208541

Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

EUVD-2025-208538

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70802

Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

EUVD-2025-208468

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...

EUVD-2025-208467

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...

CVE-2025-41710

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...

CVE-2025-70802

CVE-2025-70802 affects Tenda G1V3.1si firmware version V16.01.7.8. The vulnerability is a hardcoded password present in /etc_ro/shadow, enabling an attacker to log in as root. Multiple connected sources (NVD, Red Hat, ENISA EUVD, CVE record) corroborate the same description and firmware detail. E...

CVE-2025-70798

CVE-2025-70798 concerns the Tenda i24V3.0si firmware (v3.0.0.5). Multiple sources confirm a hardcoded password vulnerability in the "/etc_ro/shadow" file that allows an attacker to log in as root. The vulnerability is described consistently across CVE listings and vendor references. Reported impa...

PT-2026-24488

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

Schneider Electric EcoStruxure IT Data Center Expert 信任管理问题漏洞

Schneider Electric EcoStruxure IT Data Center Expert is an extensible monitoring software developed by Schneider Electric, a French company. It is used to collect, organize, and distribute information about critical devices, providing a comprehensive view of the devices. Schneider Electric...

PT-2026-24431

Name of the Vulnerable Software and Affected Versions Tenda i24V3.0si version 3.0.0.5 Description The firmware contains a hardcoded password, allowing attackers to log in as root. The hardcoded password is located in the '/etc ro/shadow' file. Recommendations Update to a newer version that...

PT-2026-24184

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70802

Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

CVE-2025-70802

Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

Istio 信息泄露漏洞

Istio is an open-source platform that connects, manages, and protects microservices. Versions of Istio prior to 1.29.1, 1.28.5, and 1.27.8 have a vulnerability related to information leakage. This vulnerability arises from the JWKS resolver being unavailable or failing to retrieve values, exposin...

CVE-2025-70798

Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...