196 matches found
Multiple vulnerabilities in NEC Aterm series (NV26-001)
Overview Aterm series products provided by NEC Corporation contain multiple vulnerabilities listed below. Missing authorization CWE-862 - CVE-2026-4309 Path traversal CWE-22 - CVE-2026-4619 OS command injection CWE-78 - CVE-2026-4620, CVE-2026-4622 Hidden functionality CWE-912 - CVE-2026-4621 The...
Hidden Functionality
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Hidden Functionality via the commandLineSwitches webPreference. An attacker can inject arbitrary command-li...
Hidden Functionality
Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Hidden Functionality via the commandLineSwitches webPreference. An attacker can inject arbitrary command-line switches into...
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-33280
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...
EUVD-2026-16589
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...
CVE-2026-4621
NEC Platforms, Ltd. Aterm Series devices contain a Hidden Functionality vulnerability that allows an attacker to enable Telnet over the network. According to the NVD entry, the issue has a CVSS v4.0 base score of 6.3 (MEDIUM) with Network attackVector, HIGH attackComplexity, no privileges require...
Multiple vulnerabilities in BUFFALO Wi-Fi routers
Overview Wi-Fi router products provided by BUFFALO INC. contain multiple vulnerabilities listed below. Dependency on vulnerable third-party component CWE-1395 - This issue is caused by a vulnerability in minihttpd CVE-2015-1548. OS command injection CWE-78 - CVE-2026-27650 Code injection CWE-94 -...
EUVD-2026-16549
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...
CVE-2026-33280
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...
CVE-2026-33280
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...
CVE-2026-33280
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...
CVE-2026-33280
The CVE-2026-33280 entry describes a hidden functionality issue in BUFFALO Wi‑Fi router products. The vulnerability could let an attacker access the device’s debugging functionality and execute arbitrary OS commands. The issue is tied to network access with low attack complexity and requires high...
PT-2026-28475
Name of the Vulnerable Software and Affected Versions BUFFALO Wi-Fi router products affected versions not specified Description A hidden functionality issue exists that may allow an attacker to gain access to the product’s debugging functionality. Successful exploitation could result in the...
PT-2026-28647
Name of the Vulnerable Software and Affected Versions NEC Platforms, Ltd. Aterm Series affected versions not specified Description A hidden functionality exists in NEC Platforms, Ltd. Aterm Series that allows an attacker to enable telnet access via the network. Recommendations At the moment, ther...
CVE-2026-31847
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can...