EUVD-2026-20902

Improper neutralization of special elements used in an SQL command “SQL Injection” in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator...

EUVD-2025-27005

Malicious code in bioql PyPI...

CVE-2025-36729

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...

CVE-2025-36729

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...

CVE-2025-36729

The connected sources confirm CVE-2025-36729 concerns RACOM M!DGE2 devices where a non-primary administrator with web-interface rights (no shell access) can view device configuration, exposing the master admin password, and can escalate to shell access with root gid. The root cause is improper pe...

RACOM M!DGE2 安全漏洞

RACOM M!DGE2 is a cellular network router from RACOM Czech Republic. A security vulnerability exists in RACOM M!DGE2 that originates from a non-primary administrator user being able to display the device configuration including the primary administrator's password, which could lead to elevated...