Lucene search
K

1049 matches found

Nuclei
Nuclei
added yesterday162 views

Tenda AC1200 V-W15Ev2 - Authentication Bypass

The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...

4.9CVSS6.2AI score0.28802EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-54423

A malicious user with access to deploy a node directly via Ironic can specify the IPMI sendraw deployment step with a malicious payload and send commands to that nodes' BMC. IPMI sendraw capability is exposed multiple ways, including via VendorPassthru interfaces restricted to system admin and...

8.2CVSS6.2AI score0.00516EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:31 a.m.4 views

OESA-2026-2877 freeipmi security update

The package provides "Remote-Console" and "System Management software" based on intelligent platform management interface specification. Security Fixes: ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/07/02 6:30 p.m.20 views

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 CVE-2025-5777 vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and...

9.3CVSS7.5AI score0.9987EPSS
Exploits18
NVD
NVD
added 2026/06/12 11:16 a.m.14 views

CVE-2026-11848

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS0.00297EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 11:16 a.m.13 views

CVE-2026-11849

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS0.0035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:47 a.m.9 views

CVE-2026-11849 IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS5.4AI score0.0035EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 9:47 a.m.14 views

EUVD-2026-36410

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS5.4AI score0.0035EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:47 a.m.30 views

CVE-2026-11849 IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS0.0035EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:47 a.m.21 views

CVE-2026-11849

The CVE-2026-11849 entry concerns IEI Integration Corp’s iRM-IEI Remote Management with a hardcoded credentials flaw. Affected component: the iRM-IEI Remote Management database (product/vendor specified). Root cause: hardcoded credentials allowing unauthenticated remote access. Impact: attacker c...

9.8CVSS5.5AI score0.0035EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:44 a.m.18 views

CVE-2026-11848

CVE-2026-11848 concerns IEI Integration Corp’s iRM-IEI Remote Management. The publicly documented vulnerability is Missing Authentication, allowing unauthenticated remote attackers to access a function that reveals partial system configuration information. Candidate details across sources indicat...

7.9CVSS5.4AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:44 a.m.30 views

CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:44 a.m.9 views

CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS5.3AI score0.00297EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 9:44 a.m.9 views

EUVD-2026-36409

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS5.4AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48855

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS5.3AI score0.00297EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-48856

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS5.4AI score0.0035EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.12 views

CVE-2026-1789

A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers...

6.9CVSS5.6AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:49 p.m.8 views

CVE-2024-21950

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability...

1.8CVSS5.5AI score0.00095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.17 views

CVE-2026-9039

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 8:16 p.m.14 views

CVE-2026-9039

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS0.00185EPSS
Exploits0References1
Rows per page
Query Builder