EUVD-2025-22067

Malicious code in bioql PyPI...

MB CONNECT LINE mbNET.mini OS Command Injection Vulnerability (CNVD-2025-21144)

The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from an operating system command injection vulnerability that stems from improper...

MB CONNECT LINE mbNET.mini Resource Management Error Vulnerability

The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from a resource management error vulnerability that originates from exhausting critic...

CVE-2025-41676

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...

CVE-2025-41676

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...

CVE-2025-41676

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...

CVE-2025-41673

A high privileged remote attacker can execute arbitrary system commands via POST requests in the sendsms action due to improper neutralization of special elements used in an OS command...

CVE-2025-41676

The CVE-2025-41676 entry describes a resource-exhaustion vulnerability in MB CONNECT LINE mbNET.mini (industrial router) where a high-privilege remote attacker can overwhelm system resources by sending specially crafted POST requests to the send-sms action in rapid succession. Connected sources c...

CVE-2025-41676 Resource Exhaustion via POST Requests to send-sms Action

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...

CVE-2025-41676 Resource Exhaustion via POST Requests to send-sms Action

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...

CVE-2025-41673

CVE-2025-41673 affects MB CONNECT LINE mbNET.mini (industrial router). The vulnerability is an OS command-injection in the send_sms operation caused by improper neutralization of special elements, enabling remote execution of system commands via POST requests. Vulnerable versions are prior to 2.3...

MB Connect Line mbNET.mini 资源管理错误漏洞

The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from a resource management error vulnerability that originates from exhausting critic...

CVE-2020-28899

The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...

Huawei E5330 21.210.09.00.158 Cross Site Request Forgery

Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windows 10 x64 CVE: CVE-2014-5395 Note: The...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) Exploit

Exploit for hardware platform in category web applications Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windo...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery Send SMS Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version:...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)

Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windows 10 x64 CVE: CVE-2014-5395 Note: The...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in api/sms/send-sms in the Web UI 11.010.06.01.858 on Huawei E303 modems with software 22.157.18.00.858 allows remote attackers to hijack the authentication of administrators for requests that perform API operations and send SMS messages via a request...

Android Vulnerability Bypasses App's Digital Signature

A vulnerability exists in the Android code base that would allow a hacker to modify a legitimate, digitally signed Android application package file APK and not break the app’s cryptographic signature—an action that would normally set off a red flag that something is amiss. Researchers at startup...