120 matches found
CVE-2026-35019
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...
CVE-2026-35018
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...
CVE-2026-35019 NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...
CVE-2026-35019
NetComm NF20MESH routers with firmware R6B031 and earlier are affected by an authentication bypass in the web management interface. The root cause is a hardcoded AES-256 key used to encrypt session cookies; an attacker can forge a valid encrypted cookie with the shared key to bypass authenticatio...
CVE-2026-35019
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...
CVE-2026-35019 NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...
EUVD-2026-38453
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...
CVE-2026-35018 NetComm NF20MESH < R6B032 Authenticated RCE via OS Command Injection
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...
EUVD-2026-38452
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...
CVE-2026-35018 NetComm NF20MESH < R6B032 Authenticated RCE via OS Command Injection
NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...
CVE-2026-35018
NetComm NF20MESH routers running firmware R6B031 and earlier are affected by an authenticated remote code execution vulnerability. The flaw resides in dalStorage_addUserAccount where shell metacharacters injected into the username JSON parameter are unsafely concatenated into a shell command stri...
PT-2026-51522
šØ CVE-2026-35018 NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...
PT-2026-51523
Name of the Vulnerable Software and Affected Versions NetComm NF20MESH versions prior to R6B032 Description An authentication bypass exists in the web management interface due to a hardcoded AES-256 key used to encrypt session cookies. An unauthenticated attacker can use this shared key to forge ...
EUVD-2005-0896
Malware in sbrugna...
EUVD-2018-6669
Malware in sbrugna...
EUVD-2018-6668
Malware in sbrugna...
EUVD-2018-6667
Malware in sbrugna...
EUVD-2017-3258
Malware in sbrugna...
EUVD-2017-3259
Malware in sbrugna...
EUVD-2018-6666
Malware in sbrugna...