10 matches found
CVE-2026-32038
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
CVE-2026-32038 OpenClaw - Sandbox Network Isolation Bypass via docker.network=container Parameter
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
EUVD-2026-13324
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
CVE-2025-64180 Manager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)
Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access to internal network resources. The flaw lies in the fundamental design of the DNS validation mechanism. A Time-of-Check Time-of-Use TOCTOU...
Siemens SIMATIC CN 4100
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CN 4100 Vulnerabilities: Improper Access Control, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
CVE-2023-29131
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...
Siemens SIMATIC CN 4100
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CN 4100 Vulnerabilities: Improper Access Control, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
PT-2023-4084 · Siemens · Simatic Cn 4100
Name of the Vulnerable Software and Affected Versions: SIMATIC CN 4100 versions prior to V2.5 Description: A vulnerability has been identified in the SIMATIC CN 4100, related to an incorrect default value in the SSH configuration. This issue could allow an attacker to bypass network isolation. Th...
The vulnerability of TP-Link’s microprogrammed software in routers, which stems from insufficient validation of input data, allows attackers to circumvent the separation between the host network and the guest network.
The vulnerability of TP-Link’s microprogrammed software routers exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to bypass the separation between the host network and the guest network by sending a specially crafted ARP packet...
CVE-2018-10532
An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70E102.0019 devices. Hardcoded root SSH credentials were discovered to be stored within the "coreapp" binary utilised by the EE router for networking services. An attacker with knowledge of the default password oelinux123 could login to the rout...