196 matches found
MAL-2025-191824 Malicious code in prof-tg-dooorto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b4b5d4d87a39a286c8665b40b510ac0016d0b71fcc83fde246dd1bca7402af09 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191827 Malicious code in prof-tg-go-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d60babccd176fc8f6620e7b711731ff8d6b200d2141b318f1f09482c5a903 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191825 Malicious code in prof-tg-gdghho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6df3141fefe81c96a851af6c8844be2deba7f120c5700fed083ef85087a132b0 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191823 Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-qux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191821 Malicious code in prof-qux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
CVE-2025-46267
Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI...
CVE-2025-46267
Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI...
CVE-2025-46267
Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI...
CVE-2025-46267
CVE-2025-46267 affects ELECOM WRC-BE36QS-B and WRC-W701-B wireless routers. A remote attacker who can log in to WebGUI can enable the device’s hidden debug function. Documented CVSS: v3.1 base 4.9 (Network, Low complexity, Privileges: High, Confidentiality: None, Integrity: High, Availability: No...
CVE-2025-46267
Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI...
Firebox T15 contains an issue with hidden functionality
Overview Firebox T15 provided by WatchGuard Technologies contains the following vulnerability. Hidden functionality CWE-912 - CVE-2025-4106 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An attacker may log...
CVE-2024-47001
Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2023-5102
Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests...
CVE-2023-38576
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console...
CVE-2023-35991
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions,...
CVE-2023-22316
Hidden functionality vulnerability in PIX-RT100 versions RT100TEQ2.1.1EQ101 and RT100TEQ2.1.2EQ101 allows a network-adjacent attacker to access the product via undocumented Telnet or SSH services...
CVE-2022-43486
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices...
CVE-2022-43464
Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...