CVE-2022-21792

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410...

CVE-2022-21790

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306...

CVE-2022-32650

In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853...

CVE-2021-27150

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP...

CVE-2021-27162

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...

CVE-2021-27163

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP...

CVE-2025-4124

Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file...

CVE-2025-4125

Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file...

Delta Electronics ISPSoft 安全漏洞

Delta Electronics ISPSoft is a set of PLC Programmable Logic Controller programming software from Delta Electronics, China. An out-of-bounds write vulnerability exists in Delta Electronics ISPSoft, which can be exploited by an attacker to execute arbitrary code while parsing an ISP file...

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Internet service providers ISPs in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity...

CVE-2024-20112

In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730...

CVE-2024-10751

A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2024-20112

CVE-2024-20112 affects the isp component, with a missing bounds check causing an out-of-bounds read. The issue can lead to local denial of service and allows system execution privileges; exploitation requires user interaction. A fix is available as Patch ID ALPS09071481 (Issue ID MSV-1730). Conne...

CVE-2024-20112

In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730...

CVE-2024-10751 Codezips ISP Management System pay.php sql injection

A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2024-10751

CVE-2024-10751 affects Codezips ISP Management System 1.0. The vulnerability is in the file pay.php, where manipulating the “customer” parameter yields a SQL injection. The issue can be exploited remotely, and multiple sources confirm the exploit has been disclosed publicly. Technical details con...

CVE-2024-10751 Codezips ISP Management System pay.php sql injection

A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

PT-2024-16514 · Unknown · Codezips Isp Management System

Name of the Vulnerable Software and Affected Versions: Codezips ISP Management System version 1.0 Description: A critical issue was found in the Codezips ISP Management System, affecting some unknown functionality of the file pay.php. The manipulation of the customer argument leads to SQL...

CVE-2023-48957

PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers...

CVE-2023-48957

CVE-2023-48957 concerns the PureVPN Linux client (2.0.2-Productions) where the DNS query handling is flawed, allowing DNS requests to bypass the VPN tunnel and go directly to the ISP/default DNS servers. The root cause is an improper DNS query handling/control flow in the client, per connected ad...