Lucene search
K

337 matches found

EUVD
EUVD
added 2026/04/07 9:32 p.m.5 views

EUVD-2025-209284

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References2
NVD
NVD
added 2026/04/07 8:16 p.m.3 views

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS0.00113EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:57 p.m.2 views

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References2
CVE
CVE
added 2026/04/07 7:57 p.m.12 views

CVE-2025-14858

The CVE targets Semtech LR11xx LoRa transceivers with early firmware versions. During a firmware validity check over SPI, the device decrypts an encrypted firmware package block-by-block; the last decrypted block remains uncleared in memory after validation, enabling an attacker with SPI access t...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/07 7:57 p.m.17 views

CVE-2025-14858 Semtech LR11xx Encrypted Firmware Disclosure

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS0.00113EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/04/06 6:16 p.m.3 views

CVE-2026-30613

An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch 16amp- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from th...

4.6CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 12:0 a.m.11 views

CVE-2026-30613

CVE-2026-30613 affects AZIOT 1 Node Smart Switch (16A, WiFi/Bluetooth) with software 1.1.9. An information disclosure vulnerability arises from improper access control on the UART debug interface, allowing a physically proximate attacker to connect to UART and read sensitive data from the serial ...

4.6CVSS5.9AI score0.00168EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 12:0 a.m.19 views

CVE-2026-30613

An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch 16amp- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from th...

0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/06 12:0 a.m.4 views

CVE-2026-30613

An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch 16amp- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from th...

5.9AI score0.00168EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/03 6:9 p.m.3 views

CVE-2026-23475

A flaw was found in the Linux kernel's Serial Peripheral Interface SPI component. The system's per-CPU statistics for the SPI controller were not allocated until after the controller was registered. This created a window where a local user or process could access system files sysfs attributes...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/27 12:31 a.m.4 views

EUVD-2026-16452

The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 9:16 p.m.24 views

CVE-2026-4346 Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N

The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...

5.1CVSS0.00124EPSS
Exploits0References2
CVE
CVE
added 2026/03/26 9:16 p.m.11 views

CVE-2026-4346

The CVE concerns TP-Link TL-WR850N v3 where credentials (administrative and Wi‑Fi) are stored in cleartext in a region of the device’s flash while the serial interface is enabled and protected by weak authentication. A physical attacker who can access the serial port can recover sensitive data, i...

6.8CVSS5.8AI score0.00124EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28644

Name of the Vulnerable Software and Affected Versions TL-WR850N version 3 Description The issue allows for the storage of administrative and Wi-Fi credentials in cleartext within a region of the device’s flash memory. The serial interface remains enabled and is protected by weak authentication. A...

6.8CVSS5.9AI score0.00124EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

TP-Link TL-WR850N 安全漏洞

The TP-Link TL-WR850N is a WiFi router produced by the TP-Link company. The TP-Link TL-WR850N v3 has a security vulnerability. This vulnerability arises from the fact that, when the serial interface is enabled and under weak authentication protection, management credentials and Wi-Fi credentials...

6.8CVSS5.8AI score0.00124EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/18 6:31 p.m.4 views

EUVD-2026-12878

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

5.8AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2026/03/18 6:16 p.m.2 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

9.1CVSS0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.13 views

Yuner Yipu WiFi Extender WDR201A 安全漏洞

Yuner Yipu WiFi Extender WDR201A is a WiFi signal amplifier produced by the Chinese company Yuner Yipu. The Yuner Yipu WiFi Extender WDR201A has a security vulnerability, which stems from an unprotected UART interface exposed on the PCB...

9.1CVSS5.8AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 12:0 a.m.5 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

5.8AI score0.00307EPSS
Exploits0References3
Rows per page
Query Builder