CVE-2024-56836

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

CVE-2024-56835

CVE-2024-56835 affects Siemens RUGGEDCOM ROX II family (MX5000/MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) prior to v2.17.0. The DHCP Server configuration file is subject to code injection, enabling an attacker to spawn a reverse shell and gain root access. C...

CVE-2024-56835

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

CVE-2024-56835

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

MAL-2025-192386 Malicious code in telcoo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

Malicious code in telcoo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

PT-2025-49826

Name of the Vulnerable Software and Affected Versions RUGGEDCOM ROX II versions prior to 2.17.0 Description A code injection issue exists in the DHCP Server configuration file of RUGGEDCOM ROX II devices. Successful exploitation could allow an attacker to execute arbitrary code, potentially gaini...

PT-2025-49828

Name of the Vulnerable Software and Affected Versions RUGGEDCOM ROX II versions prior to 2.17.0 Description A flaw exists in the RUGGEDCOM ROX II family that could allow an attacker to gain root access on the affected system. This is due to inadequate validation when installing and loading certai...

PT-2025-49827

Name of the Vulnerable Software and Affected Versions RUGGEDCOM ROX II versions prior to 2.17.0 Description A flaw exists in the RUGGEDCOM ROX II family that allows for the injection of additional configuration parameters during Dynamic DNS configuration. An attacker could potentially exploit thi...

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27019 Remote shell service (RSH) in Infinera MTC-9

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27019 Remote shell service (RSH) in Infinera MTC-9

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

EUVD-2025-201701

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27019

CVE-2025-27019 affects Infinera MTC-9 where the Remote Shell Service (RSH) in firmware version R22.1.1.0275 contains a misconfiguration that allows an attacker to exploit password-less user accounts to obtain full system access via a reverse shell. The advisory notes impact on MTC-9 from R22.1.1....

Exploit for CVE-2025-66478

CVE-2025-66478 – Next.js Server Actions RCE Vulnerability: Ana...

1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers

The server trusts all reverse-proxy headers by default, so any remote client can spoof X-Forwarded-For to bypass IP-based protections AllowIPs, API IP whitelist, “localhost-only” checks. All IP-based access control becomes ineffective...

PT-2025-49541

Name of the Vulnerable Software and Affected Versions Infinera MTC-9 versions R22.1.1.0275 through R22.1.1.0275 Description The Remote Shell Service RSH in Infinera MTC-9 allows an attacker to gain system access. This is achieved by exploiting password-less user accounts and activating a reverse...

📄 Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution

A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...