CVE-2026-8863

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

EUVD-2026-35791

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

EUVD-2025-17253

Malicious code in bioql PyPI...

CVE-2025-49317

Cross-Site Request Forgery CSRF vulnerability in NTC WP Page Loading wp-page-loading allows Cross Site Request Forgery.This issue affects WP Page Loading: from n/a through = 1.0.6...

CVE-2025-49317

Cross-Site Request Forgery CSRF vulnerability in NTC WP Page Loading wp-page-loading allows Cross Site Request Forgery.This issue affects WP Page Loading: from n/a through = 1.0.6...

CVE-2025-49317

CVE-2025-49317 describes a CSRF vulnerability in the WordPress plugin "WP Page Loading". Affected versions are from n/a through 1.0.6. The issue is untrusted state-changing requests via CSRF; exploitation details are not provided in the documents. The connected sources indicate this CVE entry has...

CVE-2025-49317 WordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in NTC WP Page Loading wp-page-loading allows Cross Site Request Forgery.This issue affects WP Page Loading: from n/a through = 1.0.6...

PT-2025-24243 · WordPress · Ntc Wp Page Loading

Name of the Vulnerable Software and Affected Versions: NTC WP Page Loading versions 1.0.0 through 1.0.6 Description: A Cross-Site Request Forgery CSRF issue allows unauthorized actions to be performed on behalf of a user. This issue affects NTC WP Page Loading, enabling Cross Site Request Forgery...

CVE-2025-4010

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with...

CVE-2025-4010

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with...

CVE-2025-4010

CVE-2025-4010 affects Netcomm NTC 6200 and NWL-222 series where the web interface endpoints are vulnerable to arbitrary command injection and rely on insecure hardcoded passwords. The vulnerability enables remote authenticated attackers to gain arbitrary code execution with elevated privileges. T...

CVE-2025-4010 Arbitrary Command Injection in Netcom NTC-6200 & NWL-222

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with...

CVE-2024-26519

An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component...

CVE-2024-26519

An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component...

CVE-2024-26519

An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component...

PT-2024-21414 · Casa Systems · Casa Systems Ntc-221

Name of the Vulnerable Software and Affected Versions: Casa Systems NTC-221 versions 2.0.99.0 and before Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the "/www/cgi-bin/nas.cgi" component. This enables the attacker to potentially gain control...

Casa Systems NTC-221 访问控制错误漏洞

The Casa Systems NTC-221 is an industrial IoT router from Casa Systems, USA. A security vulnerability exists in Casa Systems NTC-221 version 2.0.99.0 and earlier, which originates from a vulnerability that allows remote attackers to execute arbitrary code via a specially crafted payload in the...

CVE-2024-26519

Casa Systems NTC-221 is affected (versions 2.0.99.0 and earlier). The issue allows remote code execution via a crafted payload to the /www/cgi-bin/nas.cgi component. Public sources consistently identify the vulnerable component and affected version range, but none of the connected documents provi...

ntc.net.np XSS vulnerability

Open Bug Bounty ID: OBB-251257 Description| Value ---|--- Affected Website:| ntc.net.np Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

National Telecommunications Commission website defaced

Another Halloween hack, National Telecommunications Commission NTC was hacked Thursday noon, showed a pop-up message saying "Sh4d0wFiendh4x0r and Wizkidl33t were here!" and would later redirect to another page ntc.gov.ph/halloween displaying the hacker's message - "hello and welcome: presented by...