CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

Hikvision DVR Improper Privilege Management (CVE-2025-66173)

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...

Hikvision DVR Improper Authentication (CVE-2025-66174)

There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands. This...

CVE-2025-66174

There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands...

CVE-2025-66174

There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands...

CVE-2025-66173

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...

CVE-2025-66173

There is a privilege-escalation vulnerability in Hikvision DVR products caused by improper authentication for the serial port. An attacker with physical access can connect to the affected device and gain access to an unrestricted shell environment. The issue is documented across multiple sources ...

CVE-2025-66173

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...

Hikvision DVR DS-7204HGHI-F1 安全漏洞

Hikvision DVR DS-7204HGHI-F1 is a hard disk recorder from Hikvision, a Chinese company. A security vulnerability exists in the Hikvision DVR DS-7204HGHI-F1 that stems from improper serial port authentication, which could result in elevated privileges...

PT-2025-52415

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...

CVE-2025-1907

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected...

CVE-2023-49228

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

CVE-2023-49228

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

Hardcoded credentials

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

CVE-2023-49228

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

CVE-2022-23141

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information...

CVE-2020-11631

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follow-on exploitation can lead to privilege escalation and remote code execution. This is exploitable...

Cisco Catalyst 6500 Series Switches Cisco IOS Authorization Issues Vulnerability

Cisco Catalyst 6500 Series Switches is a 6500 series modular chassis switch from Cisco, Inc.Cisco IOS is one of the operating systems developed for its network devices. Cisco Catalyst 6500 Series Switches Cisco IOS Authorization Issue Vulnerability. An attacker could exploit this vulnerability to...

CVE-2017-8195

The FusionSphere OpenStack V100R006C00SPC102NFV has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message...