97 matches found
EUVD-2025-35338
Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full...
Ghost Robotics Vision 60 ๆๆ้ฎ้ขๆผๆด
Ghost Robotics Vision 60 is a quadrupedal ground robot from Ghost Robotics, USA. Ghost Robotics Vision 60 version v0.27.2 suffers from an authorization issue vulnerability that stems from WiFi and SSH credential disclosure, which could lead to an attacker connecting to the robot's WiFi and SSH to...
EUVD-2014-9812
Malware in sbrugna...
EUVD-2009-4808
Malware in sbrugna...
EUVD-2021-27696
Malicious code in bioql PyPI...
EUVD-2022-15805
Malicious code in bioql PyPI...
EUVD-2022-36040
Malicious code in bioql PyPI...
EUVD-2022-33580
Malicious code in bioql PyPI...
EUVD-2022-3646
Malicious code in bioql PyPI...
CVE-2025-59951
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's I...
PT-2025-40304
Name of the Vulnerable Software and Affected Versions Termix versions 1.5.0 and below Description Termix is a web-based server management platform offering SSH terminal, tunneling, and file editing features. The official Docker image, when configured with an Nginx reverse proxy, incorrectly...
CVE-2014-125121
Array Networks vAPV version 8.3.2.17 and vxAG version 9.2.0.34 appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials or SSH private key and insecure permissions on a startup script. The devices ship with a default SSH login or a...
Cisco Unified Communications Manager Static SSH Credentials Vulnerability
Cisco Unified Communications Manager is a call processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A static SSH credentials vulnerability exists in Cisco Unified...
CVE-2025-20309 Cisco Unified Communications Manager Static SSH Credentials Vulnerability
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...
CVE-2025-20309
CVE-2025-20309 affects Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The root cause is static, hardcoded root credentials that cannot be changed or deleted, enabling an unauthenticated, remote attacker to log in using the root accoun...
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things IoT devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts. "Rather than...
CVE-2022-32974
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials...
CVE-2021-40520
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...
CVE-2019-20150
In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...
Outlaw cybergang attacking targets worldwide
Introduction In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw also known as "Dota" is a Perl-based crypto mining botnet that typically takes advantage of weak or default SSH credentials for its...