11 matches found
CVE-2025-48046 MICI Network Co. Ltd. NetFax Server Disclosure of Stored Passwords in Cleartext
An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint...
CVE-2025-48045 MICI Network Co. Ltd. NetFax Server Default Administrator Credentials Disclosure
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials...
PT-2025-23150 · Mici Network Co. · Netfax Server
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the "/config.php" endpoint. Recommendations: At the moment, there is no...
Weak Password Vulnerability in RG_NBR900G at Riptide Networks Inc.
RGNBR900G is a wireless router. A weak password vulnerability exists in RGNBR900G, which can be exploited by an attacker to obtain sensitive information...
Weak Password Vulnerability in RG-NBR800GW of Ruijie Networks Co.
RG-NBR800GW is an Internet Behavior Management router from Riptide, which is designed for office full scenarios. A weak password vulnerability exists in RG-NBR800GW, which can be exploited by attackers to obtain sensitive information...
Weak Password Vulnerability in RG-NBR700W of Ruijie Networks Co.
RG-NBR700W is an Internet Behavior Management router which is designed for office full scenarios. The RG-NBR700W has a weak password vulnerability that can be exploited by an attacker to obtain sensitive information...
Command Execution Vulnerability in SD-WAN of Beijing Tianchi Network Co.
Skychase Networks is a value-added telecom service provider in China. A command execution vulnerability exists in the SD-WAN of Beijing Tianchi Network Co. Ltd. that can be exploited by an attacker to gain control of a server...
Command Execution Vulnerability in NBR6210-E of Beijing StarNet Ruijie Network Technology Co.
The NBR6210-E is an enterprise router from Ruijie Networks Co. A command execution vulnerability exists in the NBR6210-E of Beijing StarNet Ruijie Network Technology Co. that can be exploited by an attacker to execute arbitrary commands...
Guangzhou Lychee Network Co. Touchmedia News APP has file upload vulnerability
Touchdown News App is a news and information app. A file upload vulnerability exists in Touchmedia News APP by Guangzhou Lychee Network Co. An attacker can exploit the vulnerability to upload arbitrary PHP files and execute arbitrary PHP scripts on a remote server...
SQL Injection Vulnerability in Haining Yanhuang Online Network Co.
Yanhuang Online was founded in January 2001, along with the booming development of the Internet, to provide customers with high-end website construction services of professional enterprises. There is a SQL injection vulnerability in the website building system of Haining Yanhuang Online Network...
SQL Injection Vulnerability in Multiple Pages of Website Building System of Chuangke Network Co.
Guangzhou Chuangke Network Co., Ltd. is a website construction and Internet marketing service provider. SQL injection vulnerability exists in several pages of the website building system of Gentech Network Co. Ltd, which can be exploited by attackers to obtain sensitive information from the...