CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS0.00019EPSS

Exploits0References1

Positive Technologies•added 6 days ago•5 views

PT-2026-44765

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated debug service is exposed on TCP port 9000. This allows a LAN-based attacker to execute arbitrary UCC commands via the '/sbin/mtk dut' binary...

8.7CVSS6AI score0.00019EPSS

Exploits0References3

NVD•added 2026/05/26 2:16 a.m.•6 views

CVE-2026-4795

A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00ACPS.2C0, GS1200-8v3 firmware versions through 1.00ACPT.2C0, GS1200-5HPv3 firmware versions through 1.00ACPU.2C0, GS1200-8HPv3 firmware versions through 1.00ACPV.2C0, and GS1200-10v3 firmware versions through...

6.5CVSS0.00042EPSS

Exploits0References1

EUVD•added 2026/05/26 1:42 a.m.•8 views

EUVD-2026-31779

6.5CVSS5.8AI score0.00042EPSS

Exploits0References1

OSV•added 2026/01/13 4:16 p.m.•0 views

CVE-2026-0406

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8CVSS5.9AI score

Exploits0References2

OSV•added 2026/01/13 4:16 p.m.•1 views

CVE-2026-0403

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections...

8CVSS5.9AI score0.00083EPSS

Exploits0References11

Cvelist•added 2026/01/13 4:0 p.m.•18 views

CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8.6CVSS0.00046EPSS

Exploits0References2

Positive Technologies•added 2026/01/13 12:0 a.m.•1 views

PT-2026-2629

CVE-2026-0406 An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections. https://t.co/Wc5Mb3XINq...

8.6CVSS7.2AI score0.00046EPSS

Exploits0References5

CVE•added 2026/01/08 12:0 a.m.•7 views

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 expose SSH on the LAN with the root account lacking a password, and allow no disable/authentication option via CLI or web GUI. This configuration enables any LAN-adjacent attacker to obtain a root shell and run commands with full privileges. The pu...

8.4CVSS7.6AI score0.00009EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2025/11/11 12:0 a.m.•1 views

PT-2025-46370

Name of the Vulnerable Software and Affected Versions NETGEAR R6260 versions through 1.1.0.86 NETGEAR R6850 versions through 1.1.0.86 Description A flaw exists in input validation within NETGEAR R6260 and R6850 devices. This allows unauthenticated attackers on the LAN to conduct Man-in-the-Middle...

7.5CVSS7AI score0.00028EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-26582

Malware in sbrugna...

6.1CVSS6.3AI score0.00216EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-39135

Malicious code in bioql PyPI...

7.4CVSS7.5AI score0.0013EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-40683

Malicious code in bioql PyPI...

6.2CVSS5.8AI score0.00044EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-41269

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00103EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:10 a.m.•6 views

CVE-2022-33735

There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed...

6.5CVSS6.5AI score0.00042EPSS

Exploits0References1

CVE•added 2022/09/20 7:44 p.m.•68 views

CVE-2022-33735

Summary (CVE-2022-33735) Huawei WS7200-10 devices (11.0.2.13) on LAN are affected by a password verification vulnerability due to an incorrect authentication algorithm implementation. Attackers on the LAN can perform brute-force attempts to obtain passwords, potentially leading to disclosure of s...

6.5CVSS6.2AI score0.00042EPSS

Exploits0References1Affected Software1

NVD•added 2022/09/09 3:15 p.m.•7 views

CVE-2022-38700

OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service...

8.8CVSS0.00103EPSS

Exploits0References1

NVD•added 2022/09/09 3:15 p.m.•11 views

CVE-2022-38081

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system...

6.2CVSS0.00044EPSS

Exploits0References1

Prion•added 2022/09/09 3:15 p.m.•7 views

Design/Logic Flaw

OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service...

5.8CVSS8.7AI score0.00103EPSS

Exploits0References1Affected Software1

CVE•added 2022/09/09 2:39 p.m.•52 views

CVE-2022-38081

OpenHarmony OpenHarmony-v3.1.2 and earlier are affected by a permissions bypass in the Tokensync security subsystem that allows LAN attackers to bypass distributed permission control, requiring another vulnerability to obtain system access. Affected versions: OpenHarmony before 3.1.2. Impact: int...

6.2CVSS5.5AI score0.00044EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by