5 matches found
CVE-2025-11500 Credentials exposure in tinycontrol devices
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate authentication mechanisms - one solely for interface management and one for protecting all other server resources. When the latter is turned off which is a default setting, an unauthenticated attacker on...
CVE-2025-11500
CVE-2025-11500 affects Tinycontrol devices (tcPDU; LK3.5, LK3.9, LK4). When the secondary authentication (protecting non-interface resources) is disabled (default), an unauthenticated attacker on the local network can read the login page response and access a JSON payload containing usernames and...
PT-2026-25661
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate authentication mechanisms - one solely for interface management and one for protecting all other server resources. When the latter is turned off which is a default setting, an unauthenticated attacker on...
Avast Antivirus 安全漏洞
Avast Antivirus is a suite of antivirus software from the Czech company Avast. A security vulnerability exists in versions prior to Avast Antivirus 24.1, which stems from a vulnerability that could allow a local attacker to elevate privileges via COM hijacking during the time of check to time of...
Systemd Access Restriction Bypass Vulnerability
systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A security vulnerability exists in...