78 matches found
EUVD-2010-2443
Malware in sbrugna...
EUVD-2021-21445
Malware in sbrugna...
EUVD-2020-28010
Malware in sbrugna...
EUVD-2024-18204
Malicious code in bioql PyPI...
EUVD-2021-8906
Malicious code in bioql PyPI...
EUVD-2022-41616
Malicious code in bioql PyPI...
EUVD-2024-18198
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-pon (npm)
The package @zalastax/nolb-pon was found to contain malicious code...
MAL-2025-13216 Malicious code in @zalastax/nolb-pon (npm)
The package @zalastax/nolb-pon was found to contain malicious code...
CVE-2022-39070
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation...
CVE-2021-21734
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1...
Security-By-Design at the Telco Edge with OSS: Challenges and Lessons Learned
This paper presents our experience, in the context of an industrial R&D project, on securing GENIO, a platform for edge computing on Passive Optical Network PON infrastructures, and based on Open-Source Software OSS. We identify threats and related mitigations through hardening, vulnerability...
CVE-2024-20483
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager Mongo...
CVE-2024-20483
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager Mongo...
CVE-2024-20489
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running...
CVE-2024-20489
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running...
CVE-2024-20483
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager Mongo...
CVE-2024-20489
CVE-2024-20489 affects Cisco IOS XR Software running PON Controller, where the storage of unencrypted database credentials in the configuration files allows an authenticated, local attacker with low privileges to view MongoDB credentials. The root cause is improper storage of credentials on the d...
CVE-2024-20489 Cisco Routed Passive Optical Network Cleartext Password Vulnerability
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running...
CVE-2024-20483
CVE-2024-20483 involves multiple vulnerabilities in Cisco Routed PON Controller Software (Docker container on Cisco IOS XR hardware) where insufficient validation of arguments to configuration commands can allow an authenticated, admin-level attacker on the PON Manager or direct access to its Mon...