16 matches found

RedhatCVE
added 2025/12/14 7:5 p.m. · 3 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3 CVSS · 4.3 AI score · 0.0008 EPSS
Exploits 1 · References 1

OSV
added 2025/12/13 7:15 p.m. · 1 view

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3 CVSS · 5.2 AI score
Exploits 0 · References 5

NVD
added 2025/12/13 7:15 p.m. · 1 view

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3 CVSS · 0.0008 EPSS
Exploits 1 · References 5

ATTACKERKB
added 2025/12/13 7:2 p.m. · 2 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3 CVSS · 4.8 AI score · 0.0008 EPSS
Exploits 1 · References 5 · Affected Software 1

CVE
added 2025/12/13 7:2 p.m. · 7 views

CVE-2025-14636

CVE-2025-14636 affects Tenda AX9 firmware version 22.03.01.46, where the httpd component's image_check uses a weak hash. This enables remote exploitation with high attack complexity, and the exploit is publicly available (proof-of-concept). No concrete remediation/version fix is provided in the s...

6.3 CVSS · 4.3 AI score · 0.0008 EPSS
Exploits 1 · References 5 · Affected Software 1

Cvelist
added 2025/12/13 7:2 p.m. · 23 views

CVE-2025-14636 Tenda AX9 httpd image_check weak hash

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3 CVSS · 0.0008 EPSS
Exploits 1 · References 5

Positive Technologies
added 2025/12/13 12:0 a.m. · 4 views

PT-2025-51132

Name of the Vulnerable Software and Affected Versions: Tenda AX9 version 22.03.01.46 Description: A security flaw exists in the image check function within the httpd component of Tenda AX9 version 22.03.01.46. This issue involves the use of a weak hash, allowing for remote attacks. The attack is...

6.3 CVSS · 4.3 AI score · 0.0008 EPSS
Exploits 1 · References 11

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-4376

Malicious code in bioql PyPI...

5.8 CVSS · 5.8 AI score · 0.00177 EPSS
Exploits 0 · References 7

OSV
added 2025/04/03 8:15 p.m. · 0 views

CVE-2025-29570

An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftpimagecheck of a binary named rc...

7.8 CVSS · 5.8 AI score · 0.00189 EPSS
Exploits 1 · References 1

Cvelist
added 2025/04/03 12:0 a.m. · 7 views

CVE-2025-29570

An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftpimagecheck of a binary named rc...

0.00189 EPSS
Exploits 1 · References 1

CNNVD
added 2025/04/03 12:0 a.m. · 2 views

Shenzhen Libituo Technology LBT-T300-T400 Security Vulnerability

Shenzhen Libituo Technology LBT-T300-T400 is an industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-T400 version 3.2, which stems from a flaw in the tftpimagecheck function in the rc binary, which could lead to...

7.8 CVSS · 6.7 AI score · 0.00189 EPSS
Exploits 1 · References 2

Positive Technologies
added 2025/04/03 12:0 a.m. · 2 views

PT-2025-14789 · Unknown · Lbt-T300-T400

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 version 3.2 Description: An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 version 3.2 allows a local attacker to escalate privileges via the tftp image check function of a binar...

7.8 CVSS · 6.1 AI score · 0.00189 EPSS
Exploits 1 · References 7

Cvelist
added 2024/07/31 6:57 p.m. · 16 views

CVE-2024-40645 FOG Authenticated File Upload RCE

FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120...

8.8 CVSS · 0.00229 EPSS
Exploits 1 · References 3

Vulnrichment
added 2024/07/31 6:57 p.m. · 16 views

CVE-2024-40645 FOG Authenticated File Upload RCE

FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120...

8.8 CVSS · 7.7 AI score · 0.00229 EPSS
Exploits 1 · References 3

Github Security Blog
added 2022/05/24 5:26 p.m. · 22 views

phpBB Server-Side Request Forgery Vulnerability

A vulnerability exists in phpBB v3.2.10 and v3.3.1 which allowed remote image dimensions check to be used to SSRF...

5.8 CVSS · 5.7 AI score · 0.00177 EPSS
Exploits 0 · References 7 · Affected Software 1

Friends Of PHP
added 2020/07/25 11:16 a.m. · 13 views

Vulnerability which allows remote image dimensions check to be used to SSRF

More info at https://www.phpbb.com/community/viewtopic.php?f=14&t=2562636...

5 CVSS · 5.8 AI score · 0.00177 EPSS
Exploits 0 · Affected Software 1