1049 matches found
Tenda AC1200 V-W15Ev2 - Authentication Bypass
The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...
CVE-2026-54423
A malicious user with access to deploy a node directly via Ironic can specify the IPMI sendraw deployment step with a malicious payload and send commands to that nodes' BMC. IPMI sendraw capability is exposed multiple ways, including via VendorPassthru interfaces restricted to system admin and...
OESA-2026-2877 freeipmi security update
The package provides "Remote-Console" and "System Management software" based on intelligent platform management interface specification. Security Fixes: ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI...
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 CVE-2025-5777 vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and...
CVE-2026-11848
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
CVE-2026-11849
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...
CVE-2026-11849 IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...
EUVD-2026-36410
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...
CVE-2026-11849 IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...
CVE-2026-11849
The CVE-2026-11849 entry concerns IEI Integration Corp’s iRM-IEI Remote Management with a hardcoded credentials flaw. Affected component: the iRM-IEI Remote Management database (product/vendor specified). Root cause: hardcoded credentials allowing unauthenticated remote access. Impact: attacker c...
CVE-2026-11848
CVE-2026-11848 concerns IEI Integration Corp’s iRM-IEI Remote Management. The publicly documented vulnerability is Missing Authentication, allowing unauthenticated remote attackers to access a function that reveals partial system configuration information. Candidate details across sources indicat...
CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
EUVD-2026-36409
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
PT-2026-48855
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
PT-2026-48856
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...
CVE-2026-1789
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers...
CVE-2024-21950
An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability...
CVE-2026-9039
A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...
CVE-2026-9039
A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...