Lucene search
K

889 matches found

CNNVD
CNNVD
added 2026/04/20 12:0 a.m.8 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Vulnerabilities exist in versions 7.7.1.0 to 8.6 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.20 a...

7.2CVSS6.1AI score0.01191EPSS
Exploits0References1
NCSC
NCSC
added 2026/04/10 2:28 p.m.11 views

Vulnerability fixed in Cisco Smart Software Manager On-Prem

Cisco has fixed a vulnerability in Cisco Smart Software Manager On-Prem. A malicious party could exploit this vulnerability by inadvertently making an internal service component in Cisco Smart Software Manager On-Prem SSM On-Prem externally accessible. This allows a remote attacker to execute...

9.8CVSS6AI score0.00914EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 7:0 p.m.3 views

CVE-2026-26213

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

8.7CVSS6.8AI score0.06239EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 7:0 p.m.29 views

CVE-2026-26213 thingino-firmware api.cgi Unauthenticated Command Injection in Captive Portal

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

8.7CVSS0.06239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.6 views

PT-2026-26318

OS command injection in the CWMP client /ftl/bin/cwmp of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into t...

6.2AI score0.01222EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/03/18 12:30 p.m.18 views

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon telnetd that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746 , carries a CVSS score...

9.8CVSS8.5AI score0.98871EPSS
Exploits68
GithubExploit
GithubExploit
added 2026/03/06 9:42 p.m.164 views

Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061: GNU Telnetd Authentication Bypass overview...

9.8CVSS6AI score0.98871EPSS
Exploits61
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.10 views

PT-2026-22937

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account...

9.8CVSS6.2AI score0.02003EPSS
Exploits2References3
NVD
NVD
added 2026/02/18 4:22 p.m.4 views

CVE-2025-70998

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

9.8CVSS0.00424EPSS
Exploits1References1
OSV
OSV
added 2026/02/18 4:22 p.m.5 views

CVE-2025-70998

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

9.8CVSS5.8AI score0.00424EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2026/02/18 10:32 a.m.12 views

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group GTIG. The activity...

10CVSS7.5AI score0.13131EPSS
Exploits1
Cvelist
Cvelist
added 2026/02/18 12:0 a.m.22 views

CVE-2025-70998

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

0.00424EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/18 12:0 a.m.3 views

CVE-2025-70998

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

5.7AI score0.00424EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.5 views

PT-2026-20437

UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script...

5.7AI score0.00424EPSS
Exploits1References1
NVD
NVD
added 2026/02/11 3:16 p.m.9 views

CVE-2026-2248

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS0.00514EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 2:15 p.m.13 views

CVE-2026-2248

CVE-2026-2248 affects METIS WIC devices (versions

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/11 2:15 p.m.27 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

METIS WIC 安全漏洞

METIS WIC is a window interface configuration software for infrared thermometers developed by the Greek company METIS. Versions of METIS WIC 2.1.234-r18 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /console endpoint, which exposed a web-based shell that...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/01/27 2:24 p.m.225 views

Exploit for CVE-2026-24061

CVE-2026-24061 Proof of Concept PoC ⚠️ DISCLAIMER: EDUCA...

9.8CVSS7.2AI score0.98871EPSS
Exploits61
GithubExploit
GithubExploit
added 2026/01/24 11:21 p.m.174 views

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerable Lab ⚠️ WARNING: Intentionally...

9.8CVSS5.5AI score0.98871EPSS
Exploits61
Rows per page
Query Builder