28 matches found
EUVD-2025-29202
Malicious code in bioql PyPI...
CVE-2025-57176
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...
CVE-2025-57174
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...
CVE-2025-57174
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...
CVE-2025-57176
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...
CVE-2025-57176
CVE-2025-57176 affects Siklu EtherHaul EH-8010EH-1200 devices (firmware 7.4.0–10.7.3). The rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location. Uploads use weak encryption (metadata only) with file contents in cleartext and no authentication or path valida...
CVE-2025-57174
CVE-2025-57174 covers Siklu EtherHaul EH-8010/ EH-1200 devices (firmware 7.4.0–10.7.3) where the rfpiped service on TCP port 555 uses static, hardcoded AES keys. The keys are identical across devices, enabling an unauthenticated attacker to craft encrypted packets and trigger remote command execu...
PT-2025-37369
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10 6 2-18707-ea552dc00b devices have a static root password...
PT-2025-37370
Name of the Vulnerable Software and Affected Versions Ceragon Networks / Siklu Communication EtherHaul series versions 7.4.0 through 10.7.3 Description The rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak...
PT-2025-37368
Name of the Vulnerable Software and Affected Versions Siklu Communications Etherhaul 8010TX and 1200FX devices versions 7.4.0 through 10.7.3 Description An issue exists in the rfpiped service, listening on TCP port 555, which utilizes static AES encryption keys hardcoded within the binary. These...
CVE-2012-1830
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
CVE-2012-1831
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
Backdoor.Win32.Phase.11 Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb4fb710f031304d788d9cd1c4201552.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Phase.11 Vulnerability: Unauthenticated Remote Command Execution Description: The phA...
CVE-2012-1830
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
CVE-2012-1831
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
Stack overflow
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
Heap overflow
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
CVE-2012-1830
WellinTech KingView 6.53 is affected by CVE-2012-1830 due to a stack-based buffer overflow in KingView that can be triggered by a crafted packet sent to TCP port 555, potentially enabling remote code execution. Related advisories (RH-CVE, PRION, CPS/ICS) corroborate a remote-exploitation vector a...
CVE-2012-1830
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...
CVE-2012-1831
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...