Lucene search
K

68 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.8 views

Tenda HG7 缓冲区错误漏洞

The Tenda HG7 is a dual-band Wi-Fi optical network terminal device from the Chinese company Tenda. The Tenda HG7 300001138enxpon version has a buffer error vulnerability. This vulnerability stems from incorrect handling of the parameter “blkDomain” in the function formDOMAINBLK, which may lead to...

10CVSS8.9AI score0.06561EPSS
Exploits1References1
NVD
NVD
added 2026/06/04 2:16 p.m.11 views

CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS0.00344EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 12:13 p.m.9 views

EUVD-2026-34251

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 12:7 p.m.8 views

EUVD-2026-34250

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

GX Group Earth 2022 ONT 安全漏洞

GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in GX Group Earth 2022 ONT. This vulnerability stems from the web management interface transmitting user credentials via HTTP plaintext...

8.7CVSS5.5AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.7 views

PT-2026-21553

Name of the Vulnerable Software and Affected Versions GCOM EPON 1GE ONU version C00R371V00B01 Description The software suffers from improper session management, which enables attackers to hijack user sessions. This is achieved by spoofing the IP address of an authenticated user. Recommendations...

8.1CVSS5.3AI score0.00231EPSS
Exploits0References9
CVE
CVE
added 2026/02/23 12:0 a.m.9 views

CVE-2025-71056

CVE-2025-71056 affects GCOM EPON 1GE ONU, version C00R371V00B01. The root cause is improper session management that enables session hijacking by spoofing the IP address of an authenticated user. Reported impact is high for confidentiality and integrity (per CVSS 3.1). Public references consistent...

8.1CVSS5.5AI score0.00231EPSS
Exploits0References3
NVD
NVD
added 2026/02/04 4:16 p.m.3 views

CVE-2025-70545

A stored cross-site scripting XSS vulnerability exists in the web management interface of the PPC Belden ONT 2K05X router running firmware v1.1.9206L. The Common Gateway Interface CGI component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary...

6.1CVSS0.0038EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/02 9:1 a.m.3 views

EUVD-2025-206613

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitra...

8.8CVSS6AI score0.00401EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 12:31 a.m.5 views

EUVD-2022-55925

JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges...

9.8CVSS6.6AI score0.00364EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/11/12 12:0 a.m.7 views

CVE-2025-63353

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

0.01168EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-27299

Malware in sbrugna...

10CVSS7.6AI score0.01386EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27470

Malicious code in bioql PyPI...

7CVSS6.6AI score0.00181EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27466

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00274EPSS
Exploits1References4
NVD
NVD
added 2025/09/09 9:15 p.m.5 views

CVE-2025-54084

OS Command 'OS Command Injection' vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCente...

8.5CVSS0.00818EPSS
Exploits0References3
CVE
CVE
added 2025/09/09 8:37 p.m.12 views

CVE-2025-54084

CVE-2025-54084 refers to an OS Command Injection in Calix GigaCenter ONT (Quantenna SoC modules). The vulnerability arises from improper input validation in the OS command pathway, allowing authenticated attackers with super credentials to execute arbitrary OS commands, potentially leading to ful...

8.5CVSS7.1AI score0.00818EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/09 8:8 p.m.9 views

CVE-2025-7635 Calix GigaCenter ONT - Unauthenticated Telnet

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...

8.7CVSS0.00274EPSS
Exploits1References3
CVE
CVE
added 2025/09/09 7:59 p.m.13 views

CVE-2025-53914

CVE-2025-53914 affects Calix GigaCenter ONT devices with Broadcom SoCs (models 844E, 844G, 844GE, 854GE, 812G, 813G, 818G). The issue is an excessive privileges vulnerability allowing privilege abuse due to a privilege escalation/root cause described as privilege abuse. CVSS-based notes in source...

7CVSS6.5AI score0.00181EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.1 views

Calix GigaCenter ONT Series 安全漏洞

Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series that originates from a common user being able to abuse elevated privileges. The following products and versions are affected: GigaCenter ONT 844E...

7CVSS6.7AI score0.00181EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.1 views

Calix GigaCenter ONT Series 安全漏洞

The Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series 844E version, 844G version, 844GE version, and 854GE version, which stems from the insecure storage of sensitive information and could lead t...

5.1CVSS6.4AI score0.00191EPSS
Exploits0References3
Rows per page
Query Builder