CVE-2026-9347

A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...

EUVD-2017-16902

Malware in sbrugna...

EUVD-2015-7834

Malware in sbrugna...

EUVD-2017-16877

Malware in sbrugna...

EUVD-2015-7833

Malware in sbrugna...

EUVD-2017-16904

Malware in sbrugna...

EUVD-2020-3206

Malware in sbrugna...

EUVD-2024-50533

Malicious code in bioql PyPI...

EUVD-2023-12954

Malicious code in bioql PyPI...

EUVD-2023-12955

Malicious code in bioql PyPI...

EUVD-2023-12957

Malicious code in bioql PyPI...

CVE-2023-4489

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

CVE-2024-12013

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform...

CVE-2024-12011

A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid...

CVE-2024-12013

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform...

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

CVE-2024-12011

A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid...

CVE-2024-12013

The CVE-2024-12013 entry describes a vulnerability in Nozomi Networks TCP/IP Gateway (firmware 12h, device series 130.8005) where an FTP server is protected by default/easily guessable admin credentials. The underlying issue is CWE-1392 Use of Default Credentials. A remote attacker that can reach...

CVE-2024-12013

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform...