PT-2025-33435 · Mtons · Mtons Mblog

Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A vulnerability was found in mtons mblog up to version 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of...

ELECOM WAB-I1750-PS 访问控制错误漏洞

The ELECOM WAB-I1750-PS is a wireless access point from ELECOM Japan. An access control error vulnerability exists in the ELECOM WAB-I1750-PS v1.5.10 and earlier versions, which stems from the lack of an authentication mechanism for the Telnet function in wireless LAN routers and access points,...

The vulnerability of the CE_A protocol implementation in the data collection and transmission device CE805M allows a hacker to modify the equipment settings.

The vulnerability of the CEA protocol implementation in the data collection and transmission device CE805M is related to an undocumented user account called SUPERVISOR. Exploiting this vulnerability could allow a malicious actor to remotely alter the equipment’s settings...

The software vulnerabilities of the EcoStruxure EV Charging Expert parking charging stations allow a violator to modify system settings or user accounts.

The vulnerability of the EcoStruxure EV Charging Expert parking charging station software is related to incorrect restrictions on the visible layers or frames of the user interface. Exploiting this vulnerability could allow an attacker to remotely modify system settings or user accounts...

Koyo Electronics Industries Screen Creator Advance 2 安全漏洞

Koyo Electronics Industries Screen Creator Advance 2 is a drawing program for the GC-A2 series from Koyo Electronics Industries, Japan. A security vulnerability exists in Koyo Electronics Industries Screen Creator Advance 2 versions prior to 0.1.1.3 Build01, which stems from improper account name...

The vulnerability of the Web-GUI component of the microprogramming software for WAGO Series 750-88x and WAGO Series 750-87x allows a hacker to alter the settings.

The vulnerability of the Web-GUI component of the microprogramming software for WAGO Series 750-88x and WAGO Series 750-87x exists due to the rigid coding of registration data. Exploiting this vulnerability could allow a malicious actor to remotely alter settings...

CVE-2017-15236

Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config files and extendword.txt...

FtitzBox

Exploitation: Remote with browser Exploit: Available Impact: Medium Fix: N/A - Description: Via XSRF change settings in FritzBox. - Vulnerability: XSRF vulnerability, when you use the FritzBox without passwort login - example Exploit for Portforwarding: html body...