CVE-2022-43621

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from an...

PT-2023-15973 · Sauter · Sauter Controls Nova 200–220 Series

Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior BACnetstac versions 4.2.1 and prior Description: The issue affects device management, where sensitive information such as credentials is sent in cleartext through FTP and Telnet...

DEBIAN-CVE-2021-36368

An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authenticatio...

Cisco IOS XE Consent Token Bypass Vulnerability (CNVD-2020-57581)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A consent token bypass vulnerability exists in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE. The vulnerability stems from insufficient enforcement of consent tokens ...

PT-2018-10746 · Lutron · Lutron Radiora 2

Name of the Vulnerable Software and Affected Versions: Lutron RadioRA 2 versions Revision M through Revision Y Description: The issue allows attackers to gain total super user control of an IoT device through a TELNET session. Default and unremovable support credentials are used, with the usernam...

NovaSTOR NovaNET <= 12.0 remote SYSTEM exploit

No description provided by source. source: http://www.securityfocus.com/bid/39693/info NovaStor NovaNET is prone to code-execution, denial-of-service, and information-disclosure vulnerabilities. An attacker can exploit these issues to execute arbitrary code, access sensitive information, or crash...

6 Million Virgin Mobile users vulnerable to Hackers

Virgin Mobile customers beware: Your phone number is the key to your personal information. According to independent developer Kevin Burke, who warned Virgin Mobile USA customers about a glaring security hole in the phone company's account login protocol said, "If you are one of the six million...

NovaSTOR NovaNET 12.0 - Remote SYSTEM

// source: https://www.securityfocus.com/bid/39693/info NovaStor NovaNET is prone to code-execution, denial-of-service, and information-disclosure vulnerabilities. An attacker can exploit these issues to execute arbitrary code, access sensitive information, or crash the affected application,...

CVE-2005-2403

The CVE-2005-2403 entry affects RealChat 3.5.1b where the login protocol does not require authentication. The vulnerability allows remote attackers to log in as other users by sniffing the beginning of a chat session and replaying it with a modified username. The NVD data notes a CVSS v2 base sco...

CVE-2005-2403

The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username...

CVE-2005-2403

The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username...

Security Advisory: FreeBSD-SA-00:69.telnetd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:69 Security Advisory FreeBSD, Inc. Topic: telnetd allows remote system resource consumption. Category: core Module: telnetd Announced: 2000-11-14 Credits: Jouko Pynnonen...