Design/Logic Flaw

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would potentially allow an attacker to intercept and modify network communication for software updates...

CVE-2022-23703

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would potentially allow an attacker to intercept and modify network communication for software updates...

Garrett Walk-Through Metal Detectors Can Be Hacked Remotely

A number of security flaws have been uncovered in a networking component in Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, tamper with metal detector configurations, and even execute arbitrary code on the devices. "An attacker could manipulate thi...

CVE-2021-44518

An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android. The lock sends a pairing code before each operation lock or unlock activated via the companion app. The code is sent unencrypted, allowing any attacker with the same app either Android or iOS to add th...

CVE-2021-44518

The CVE-2021-44518 entry describes a vulnerability in the eGeeTouch 3rd Generation Travel Padlock Android application. The lock transmits a pairing code unencrypted before each operation (lock/unlock). An attacker using the same app (Android or iOS) can add the lock and gain full control, provide...

CVE-2021-33541

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

Authentication flaw

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

CVE-2021-33541 Phoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerability

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

CVE-2021-33541

The CVE-2021-33541 entry affects Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 across all versions/variants. The issue is a Denial-of-Service vulnerability caused by authenticationless communication protocols and device access, allowing remote attackers to send crafted IP packets to ...

Backdoor.Win32.Spion4 Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/cb02d2f323db18d7415dca47bceab9db.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Spion4 Vulnerability: Insecure Transit Description: SPION 4 Server terminal listens o...

Weak password vulnerability in Airspace Technologies WIFISKY 7-layer flow control router

Shenzhen Airspace Technology Co., Ltd. is a supplier of network communication equipment, dedicated to the research and development of network communication equipment. Weak password vulnerability exists in Airspace Technology WIFISKY 7-layer flow control router. Attackers utilize the weak password...

Weak Password Vulnerability in 26G-2F-MANAGED of Shenzhen WANET Botong Technology Co.

Dedicated to the development and application of network communication products and IoT security control platform, it is a next-generation vendor of intelligent network solutions for weak power and IoT security solutions. Weak password vulnerability exists in 26G-2F-MANAGED of Shenzhen WANET BOTTO...

Weak Password Vulnerability in BK-S1000-24POE/BK-S1000-8POE of Shenzhen Wannabe Brocade Network Technology Co.

Shenzhen Wannabe Boco Network Technology Co., Ltd. is a company mainly engaged in the technical research and development, development, and sales of network communication equipment, computers, other electronic products, integrated circuits, and mechanical equipment. Shenzhen WANET BOKE Network...

Unauthorized Access Vulnerability in Tenda Wireless Routers

hereinafter referred to as "Tengda" was founded in 1999, is a professional supplier of network communication equipment and solutions, but also the research and development, production, supply, sales and service in one of the high-tech enterprises. An unauthorized access vulnerability exists in...

TP-LINK TD-W8901G router suffers from weak password vulnerability

TP-LINK is a leading global supplier of network communication equipment. A weak password vulnerability exists in the TD-W8901G router, which can be exploited by an attacker to log into the system backend and perform unauthorized operations...

Weak password vulnerability in TP-LINK TD-W8960N

hereinafter referred to as "TP-LINK" is a leading global supplier of network communication equipment. A weak password vulnerability exists in the TP-LINK TD-W8960N. An attacker could exploit this vulnerability to obtain sensitive information...

TP-LINK TD-8817 suffers from weak password vulnerability

hereinafter referred to as "TP-LINK" is a leading global supplier of network communication equipment. A weak password vulnerability exists in the TP-LINK TD-8817. An attacker could exploit this vulnerability to obtain sensitive information...

Command Execution Vulnerability in Tenda Enterprise AP Management Routers

hereinafter referred to as "Tengda" was founded in 1999, is a professional supplier of network communication equipment and solutions, but also the research and development, production, supply, sales and service in one of the high-tech enterprises. A command execution vulnerability exists in TENTE...

Command Execution Vulnerability in Tenda Enterprise AP Management Routers (CNVD-2021-30044)

hereinafter referred to as "Tengda" was founded in 1999, is a professional supplier of network communication equipment and solutions, but also the research and development, production, supply, sales and service in one of the high-tech enterprises. A command execution vulnerability exists in TENTE...

Chengdu Flying Fish Star Technology Co., Ltd Flying Fish Star Home Intelligent Routing has a Logic Flaw Vulnerability

Chengdu Flying Fish Star Technology Co., Ltd. specializes in serving enterprise, commercial and home users, providing intelligent and easy-to-use network communication management equipment and value-added services with innovative technology. The company's existing IoT IoT Cloud, Smart Power Box,...