Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24632

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.05765EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/15 12:30 a.m.13 views

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

9.8CVSS7.3AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2025/08/13 8:15 p.m.8 views

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

9.8CVSS0.00338EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/13 12:0 a.m.4 views

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

7.2AI score0.00338EPSS
Exploits0References2
CVE
CVE
added 2025/08/13 12:0 a.m.57 views

CVE-2025-43989

CVE-2025-43989 affects Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC firmware 3.4.2731.16.43. The /goform/formJsonAjaxReq POST endpoint mishandles set_timesetting with ntpserver0; setting a username=admin cookie bypasses session checks and allows an unauthenticated attacker to execute arbitrary OS ...

6.5CVSS8AI score0.05765EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/13 12:0 a.m.4 views

CVE-2025-43989

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the settimesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie bypassing normal session checks, an...

8AI score0.05765EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.7 views

PT-2025-33067 · Unknown · Shenzhen Tuoshi Nr500-Ea +1

Name of the Vulnerable Software and Affected Versions: Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC version 3.4.2731.16.43 Description: Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC devices enable the SSH service by default. A hidden, hard-coded root account exists that cannot be disabled through th...

9.8CVSS7.3AI score0.00338EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.8 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.8CVSS8AI score0.01632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.9 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

6.5CVSS6.9AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2024/10/24 6:15 p.m.18 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

6.5CVSS0.00253EPSS
Exploits0References1
NVD
NVD
added 2024/10/24 6:15 p.m.12 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.8CVSS0.01632EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.20 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

7.1AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.25 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

0.01632EPSS
Exploits0References1
CVE
CVE
added 2024/10/24 12:0 a.m.60 views

CVE-2024-48440

The CVE-2024-48440 entry affects Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA (RG500UEAABxCOMSLICv3.2.2543.12.18) and is caused by a command injection vulnerability in the at_command.asp component. Public data lists CVSSv3.1 metrics: AV Adjacent, AC Low, PR None, UI None,...

8.8CVSS7.6AI score0.01632EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.26 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.12 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.2AI score0.01632EPSS
Exploits0References1
Rows per page
Query Builder