CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/27 12:0 a.m.•7 views

CVE-2026-36538

Netis AC1200 Router NC21 (firmware v4.0.1.4296) is affected by a hard-coded root credential stored in /etc/shadow.sample, with the root password set to root. This enables an attacker with device access to authenticate as root and take full control of the OS. The connected Red Hat/NVD entries corr...

7.3CVSS5.8AI score0.00047EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 12:0 a.m.•2 views

CVE-2025-29165

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component...

5.9AI score0.00018EPSS

Exploits0References4

OSV•added 2025/06/16 9:15 p.m.•0 views

CVE-2025-6139

A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network...

2CVSS4.4AI score

Exploits0References5

RedhatCVE•added 2025/05/23 9:3 a.m.•0 views

CVE-2024-7216

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be...

5.3CVSS5.9AI score0.00304EPSS

Exploits1References1

OSV•added 2024/07/30 4:15 a.m.•1 views

CVE-2024-7216

5.3CVSS4.3AI score0.00304EPSS

Exploits1References4

CNNVD•added 2024/07/28 12:0 a.m.•1 views

TOTOLINK A3300R 安全漏洞

The TOTOLINK A3300R is a wireless router manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A3300R is vulnerable to a hard-coded password vulnerability that originates from the use of hard-coded passwords in the /etc/shadow.sample file. No details of the vulnerability are provided at...

4.7CVSS6.9AI score0.00067EPSS

Exploits1References5

Positive Technologies•added 2024/06/14 12:0 a.m.•2 views

PT-2024-27697 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version 1 FW1.01B01 Description: The issue allows attackers to log in as root due to a hardcoded password vulnerability found in /etc/shadow.sample. This enables unauthorized access to the system. Recommendations: For...

8.8CVSS7AI score0.00133EPSS

OSV•added 2024/06/03 9:15 p.m.•0 views

CVE-2024-36782

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

9.8CVSS5.8AI score

Positive Technologies•added 2024/05/09 12:0 a.m.•1 views

PT-2024-25745 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: The issue is related to a hardcoded password vulnerability found in the /etc/shadow.sample file. This vulnerability allows attackers to log in as root. Recommendations: For TOTOLINK...

8.8CVSS6.9AI score0.00119EPSS

OSV•added 2022/09/06 5:15 p.m.•1 views

CVE-2022-40111

In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware...

9.8CVSS5.8AI score

Positive Technologies•added 2022/09/06 12:0 a.m.•2 views

PT-2022-24110 · Totolink · Totolink A860R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue concerns a hard-coded password for the root user, located in the /etc/shadow.sample file. Recommendations: For TOTOLINK A860R version 4.1.2cu.5182 B20201027, consider changi...

7.5CVSS7.6AI score0.00329EPSS

Exploits0References3

CNVD•added 2022/08/30 12:0 a.m.•1 views

TOTOLINK A720R Hardcoded Vulnerability

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a hard-coded vulnerability that stems from the inclusion of root's hard-coded password in...

7.8CVSS7.8AI score0.00056EPSS

Exploits1References1

OSV•added 2022/08/29 12:15 a.m.•1 views

CVE-2022-36610

TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

7.8CVSS5.8AI score0.00056EPSS

Exploits1References1

OSV•added 2022/08/29 12:15 a.m.•1 views

CVE-2022-36614

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

7.8CVSS5.8AI score

ATTACKERKB•added 2022/08/29 12:15 a.m.•1 views

CVE-2022-36614

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample...

7.8CVSS7.1AI score0.00056EPSS

Exploits1References2

CNNVD•added 2022/08/28 12:0 a.m.•1 views

TOTOLINK N600R 信任管理问题漏洞

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a hard-coded vulnerability that originates from the inclusion of a...

CNNVD•added 2022/08/28 12:0 a.m.•1 views

TOTOLINK A720R 信任管理问题漏洞

CNNVD•added 2022/08/28 12:0 a.m.•2 views

TOTOLINK A3000RU 信任管理问题漏洞

The TOTOLINK A3000Ru is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A3000RU version V4.1.2cu.5185B20201128, which originates from the inclusion of a hardcoded root password in /etc/shadow.sample...

CNNVD•added 2022/08/28 12:0 a.m.•3 views

TOTOLINK A950RG 信任管理问题漏洞

TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK that supports high-speed network connectivity and multi-device management. The TOTOLINK A950RG suffers from a hard-coded vulnerability that originates from the inclusion of root's hard-coded passwor...