CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

CVE•added 2026/05/12 1:59 p.m.•9 views

CVE-2026-6866

CVE-2026-6866 affects EcoStruxure Panel Server and describes a CWE-1188 vulnerability where initialization of a resource with an insecure default could enable unauthorized authentication when credentials revert to initial settings. The threat scenario implies potential unauthorized disclosure of ...

8.2CVSS5.8AI score0.00059EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 1:59 p.m.•7 views

CVE-2026-6866 Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...

8.2CVSS5.8AI score0.00059EPSS

Exploits0References1

CVE•added 2026/05/12 9:16 a.m.•12 views

CVE-2026-7428

CVE-2026-7428 affects Google Cloud AlloyDB for PostgreSQL. The vulnerability stems from insecure default administrative credentials that could be created by well-intended Terraform or REST API users before 2025-11-03, enabling a remote attacker to gain full administrative access to the database. ...

9.2CVSS5.8AI score0.00054EPSS

Exploits0References1

ATTACKERKB•added 2026/04/20 3:17 a.m.•0 views

CVE-2026-32965

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...

8.7CVSS5.8AI score0.00041EPSS

Exploits0References4Affected Software2

RedhatCVE•added 2026/02/19 1:28 a.m.•2 views

CVE-2025-70998

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

9.8CVSS5.7AI score0.00255EPSS

Exploits1References1

Positive Technologies•added 2026/02/18 12:0 a.m.•1 views

PT-2026-20437

5.7AI score0.00255EPSS

Exploits1References1

CVE•added 2026/02/18 12:0 a.m.•5 views

CVE-2025-70998

CVE-2025-70998 affects UTT HiPER 810 / nv810v4 router firmware, version v1.5.0-140603. The telnet service ships with insecure default credentials, potentially allowing a remote attacker to gain root access via a crafted script. No exploitation details or mitigations are provided in the available ...

9.8CVSS5.7AI score0.00255EPSS

Exploits1References1Affected Software1

VulnCheck KEV•added 2026/01/20 12:0 a.m.•1 views

VulnCheck KEV: CVE-2025-0890

UNSUPPORTED WHEN ASSIGNED Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but...

9.8CVSS5.8AI score0.21668EPSS

In wildExploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-15738

Malware in sbrugna...

9CVSS8.8AI score0.00992EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-15743

Malware in sbrugna...

8.8CVSS8.8AI score0.00767EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-15740

Malware in sbrugna...

8.8CVSS8.8AI score0.00767EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-23985

Malicious code in bioql PyPI...

10CVSS9.2AI score0.00854EPSS

Exploits0References1

RedhatCVE•added 2025/09/20 12:30 a.m.•7 views

CVE-2025-57295

H3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. The root user account has no password set, and the H3C user account uses the default password "admin," both stored in the /etc/shadow file. Attackers with network access ca...

8CVSS7.7AI score0.0013EPSS

Exploits1References1

Positive Technologies•added 2025/08/25 12:0 a.m.•2 views

PT-2025-34655 · D Link · Dsl-7740C

Name of the Vulnerable Software and Affected Versions: D-Link DSL-7740C version DSL7740C.V6.TR069.20211230 Description: The device uses insecure default credentials for the Administrator account, potentially allowing attackers to escalate privileges through a brute-force attack. Recommendations:...

5.3CVSS7AI score0.00213EPSS

Exploits1References4

Cvelist•added 2025/08/25 12:0 a.m.•3 views

CVE-2025-29521

Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack...

0.00213EPSS

Exploits1References2

CNNVD•added 2025/08/25 12:0 a.m.•1 views

DASAN H660WM 安全漏洞

DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825 version, which stems from the presence of insecure default credentials...

5.3CVSS6.8AI score0.00058EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 6:19 a.m.•2 views

CVE-2024-48271

D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the device via a bruteforce attack...

8.8CVSS7.8AI score0.00038EPSS

Exploits1References1

CNNVD•added 2025/02/04 12:0 a.m.•2 views

Zyxel VMG4325-B10A 授权问题漏洞

The Zyxel VMG4325-B10A is a modem from China Heqin Zyxel. An authorization issue vulnerability exists in Zyxel VMG4325-B10A version 1.00AAFR.4C020170615, which stems from insecure default credentials...

9.8CVSS9AI score0.21668EPSS

Exploits0References1