196 matches found
CVE-2026-31847 Hidden Functionality Enables Remote Telnet Activation via /goform/setSysTools in Nexxt Nebula 300+
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can...
PT-2026-27114
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. Once enabled, the service exposes a privileged diagnostic management interface over the network, increasing the attack surface...
CVE-2025-48418
The CVE-2025-48418 entry describes a hidden functionality privilege-escalation vulnerability affecting Fortinet FortiAnalyzer and FortiManager (including cloud variants) across multiple versions (FortiAnalyzer: 6.4 all, 7.0.x–7.6.3; FortiAnalyzer Cloud: 6.4 all, 7.0.1–7.6.3; FortiManager: 6.4 all...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
Multiple vulnerabilities in BROTHER MFPs (multifunction printers)
Overview Multiple MFPs provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. Improper certificate validation CWE-295 - CVE-2025-53869 Hidden Functionality CWE-912 - CVE-2025-55704 Anton Fabricius of SySS GmbH reported these vulnerabilities to the developer. JPCERT/CC...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
EUVD-2025-206537
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
CVE-2025-55704 describes a hidden functionality issue in multiple Brother MFPs that may allow an attacker to obtain logs from the affected product and access sensitive information contained in those logs. The issue is surfaced across multiple feeds (NVD, Red Hat, JVN, CIRCL, CVE list, EUVD, etc.)...
CVE-2023-40158
Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and...
CVE-2025-11673
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
EUVD-2025-34050
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
CVE-2025-11673
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
CVE-2025-11673 PiExtract |SOOP-CLM - Hidden Functionality
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
CVE-2025-11673 PiExtract |SOOP-CLM - Hidden Functionality
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
CVE-2025-11673
CVE-2025-11673 affects PiExtract SOOP-CLM. The connected sources describe a Hidden Functionality vulnerability that allows a privileged remote attacker to exploit hidden functionality to execute arbitrary code on the server. The entries list high-impact scores (CVSS 3.1/3.1 base 7.2; CVSS 4.0/4.0...
PT-2025-41773
Name of the Vulnerable Software and Affected Versions SOOP-CLM affected versions not specified Description SOOP-CLM, developed by PiExtract, contains a Hidden Functionality issue. Privileged remote attackers can exploit this functionality to execute arbitrary code on the server. Recommendations A...
PiExtract SOOP-CLM 安全漏洞
PiExtract SOOP-CLM is a cost-effective, enterprise-grade, centralized log management solution from China Xinyan PiExtract. A security vulnerability exists in PiExtract SOOP-CLM that stems from the presence of hidden functionality that could lead to the execution of arbitrary code by a privileged...