50 matches found

RedhatCVE
added 2026/01/09 10:58 a.m. | Views: 1

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 have the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...

CVSS 8.4 | AI score 7.9 | EPSS 0.00009
Exploits: 0 | References: 1

Vulnrichment
added 2026/01/08 12:0 a.m. | Views: 1

CVE-2025-68716

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 have the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...

AI score 7.6 | EPSS 0.00009
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | Views: 0

EUVD-2016-7093

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00804
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | Views: 1

EUVD-2021-33930

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.6 | EPSS 0.00603
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | Views: 0

EUVD-2024-47818

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 8.9 | EPSS 0.03877
Exploits: 0 | References: 1

CERT
added 2025/10/03 12:0 a.m. | Views: 2

Vigor routers running DrayOS are vulnerable to RCE via EasyVPN and LAN web administration interface

Overview: A remote code execution (RCE) vulnerability was discovered through the EasyVPN and LAN web administration interface of Vigor routers by DrayTek. A script in the LAN web administration interface uses an uninitialized variable, allowing an attacker to inject arbitrary commands through memory...

CVSS 9.8 | AI score 6.9 | EPSS 0.00066
Exploits: 0 | References: 2

RedhatCVE
added 2025/02/06 4:20 a.m. | Views: 6

CVE-2021-4029

A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface...

CVSS 8.8 | AI score 8.1 | EPSS 0.00603
Exploits: 0 | References: 3

NVD
added 2024/11/11 1:15 a.m. | Views: 24

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

CVSS 8.8 | EPSS 0.27917
Exploits: 1 | References: 2

Cvelist
added 2024/11/11 12:0 a.m. | Views: 20

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

EPSS 0.27917
Exploits: 1 | References: 1

Vulnrichment
added 2024/11/11 12:0 a.m. | Views: 15

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

AI score 8.6 | EPSS 0.27917
Exploits: 1 | References: 1

CVE
added 2024/11/11 12:0 a.m. | Views: 59

CVE-2024-41992

The CVE-2024-41992 entry concerns the Wi‑Fi Alliance’s wfa_dut (Wi‑Fi Test Suite) up to version 9.0.0, where OS command injection is possible because the code uses the system() library function. Affected Arcadyan FMIMG51AX000J devices can achieve remote code execution as root (example: wfaTGSendP...

CVSS 8.8 | AI score 8.4 | EPSS 0.27917
Exploits: 1 | References: 2

NVD
added 2024/08/13 2:15 p.m. | Views: 8

CVE-2024-6788

A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password...

CVSS 9.8 | EPSS 0.03877
Exploits: 0 | References: 1

Cvelist
added 2024/08/13 1:15 p.m. | Views: 13

CVE-2024-6788 Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password

A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password...

CVSS 8.6 | EPSS 0.03877
Exploits: 0 | References: 1

CVE
added 2024/08/13 1:15 p.m. | Views: 48

CVE-2024-6788

CVE-2024-6788 affects Phoenix Contact CHARX SEC family (CHARX SEC-3000/3050/3100/3150). A remote unauthenticated attacker can abuse the LAN firmware-update feature to reset the low-privilege user “user-app” password to the default. Root cause is described as insecure default resource initializati...

CVSS 9.8 | AI score 8.8 | EPSS 0.03877
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/08/13 1:15 p.m. | Views: 15

CVE-2024-6788 Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password

A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password...

CVSS 8.6 | AI score 7.6 | EPSS 0.03877
Exploits: 0 | References: 1

Zero Day Initiative
added 2024/07/11 12:0 a.m. | Views: 14

(Pwn2Own) Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability

This vulnerability allows remote attackers to bypass firewall rules and access the LAN interface on affected installations of Synology RT6600ax routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of firewall rules. The issue results from...

CVSS 6.6 | AI score 7.4 | EPSS 0.00391
Exploits: 0 | References: 1

CVE
added 2024/05/03 1:56 a.m. | Views: 77

CVE-2023-27359

CVE-2023-27359 affects TP-Link AX1800/Archer AX21 routers. The flaw is in the hotplugd daemon where firewall rule handling allows access to LAN-only resources, enabling remote attackers to reach LAN-side services without authentication and potentially execute code as root when combined with othe...

CVSS 9.8 | AI score 9.8 | EPSS 0.0184
Exploits: 0 | References: 1 | Affected Software: 1

0day.today
added 2023/10/23 12:0 a.m. | Views: 304

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 Denial Of Service Vulnerability

VIMESA VHF/FM Transmitter Blue Plus version 9.7.1 suffers from a denial of service vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint doreboot and restart the transmitter operations. VIMESA VHF/FM Transmitter Blue Plus 9.7.1 doreboot...

AI score 7.4
Exploits: 0

Zero Science Lab
added 2023/10/19 12:0 a.m. | Views: 363

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) Remote Denial Of Service

Summary: The transmitter Blue Plus is designed with all the latest technologies, such as high efficiency using the latest generation LDMOS transistor and high efficiency power supplies. We used a modern interface and performance using a color display with touch screen, with easy management softwar...

CVSS 6.9 | AI score 5.8 | EPSS 0.00374
Exploits: 1

Tenable Nessus
added 2023/09/21 12:0 a.m. | Views: 21

Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)

A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...

CVSS 5.4 | AI score 6.2 | EPSS 0.00165
Exploits: 0 | References: 3