Lucene search
K

197 matches found

Gitee
Gitee
added 2025/09/06 12:43 p.m.95 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This repository contains Nmap NSE Network Sniffer Engine scripts designed to check for log4shell or LogJam vulnerabilities CVE-2021-44228 in various services. The scripts are written in Lua and are intended to be used with the Nmap network scanning tool. The scripts are categorized into different...

10CVSS7.4AI score0.99999EPSS
Exploits351
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.6 views

PT-2025-35225

Name of the Vulnerable Software and Affected Versions: AiondaDotCom mcp-ssh versions through 1.0.3 Description: A security flaw exists in AiondaDotCom mcp-ssh related to an unknown functionality within the file server-simple.mjs component. Manipulation of this functionality can lead to remote...

6.5CVSS6.5AI score0.01349EPSS
Exploits0References12
NVD
NVD
added 2025/08/08 4:15 p.m.44 views

CVE-2025-8731

A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

10CVSS0.00585EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/08 3:32 p.m.4 views

CVE-2025-8731 TRENDnet TI-G160i/TI-PG102i/TPL-430AP SSH Service default credentials

A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

10CVSS9.6AI score0.00585EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/08 3:32 p.m.38 views

CVE-2025-8731 TRENDnet TI-G160i/TI-PG102i/TPL-430AP SSH Service default credentials

A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

10CVSS0.00585EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/07 12:31 a.m.8 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

6.5CVSS6.4AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.15 views

PT-2025-31964 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

9.1CVSS6.1AI score0.04409EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.4 views

PT-2025-31947 · Firstnum · Firstnum Jc21A-04

Name of the Vulnerable Software and Affected Versions: FIRSTNUM JC21A-04 devices versions through 2.01ME/FN Description: FIRSTNUM JC21A-04 devices enable the SSH service by default with the credentials root/admin. The graphical user interface GUI does not provide a method to disable this account...

6.5CVSS6.6AI score0.00245EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/05 12:0 a.m.3 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

6.5AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2025/08/05 12:0 a.m.19 views

CVE-2025-43980

The CVE pertains to FIRSTNUM JC21A-04 devices (versions through 2.01ME/FN). The issue is that SSH is enabled by default and authenticates with root/admin credentials, and the GUI provides no way to disable this account. This creates an environment where remote access could be gained under default...

6.5CVSS7.2AI score0.00245EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/04 9:24 a.m.17 views

CVE-2025-24332

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

7.1CVSS6.1AI score0.00169EPSS
Exploits0References1
CVE
CVE
added 2025/07/02 8:31 a.m.24 views

CVE-2025-24332

Nokia Single RAN AirScale baseband prior to 23R4-SR 3.0 MP is affected. An authenticated administrative user can move laterally across baseband boards via the internal bsoc SSH over the baseband backplane, using an SSH private key on the baseband system board, without re-authentication. This effe...

7.1CVSS6.2AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:46 a.m.9 views

CVE-2024-28812

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service on the local management network interface with hardcoded credentials allows attackers to access the appliance operating system with highest privileges via an SSH connection...

8.8CVSS6.7AI score0.00298EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.7 views

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

9.8CVSS7AI score0.00559EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.5 views

CVE-2023-39808

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

9.8CVSS7.5AI score0.00671EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 p.m.7 views

CVE-2022-30318

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

9.8CVSS7.7AI score0.01395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 a.m.10 views

CVE-2019-15017

The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials...

8.4CVSS6.7AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.12 views

CVE-2019-14326

An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it starts telnet and ssh ports 22 and 23 with root privileges in the emulated Android system. This can be exploited by remote attackers to gain full access to the device, or by malicious apps installed inside the emulato...

7.8CVSS7.8AI score0.01285EPSS
Exploits1References1
NVD
NVD
added 2025/05/09 4:15 p.m.15 views

CVE-2025-28202

Incorrect access control in Victure RX1800 ENV1.0.0r12110933 allows attackers to enable SSH and Telnet services without authentication...

8.8CVSS0.00473EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/09 12:0 a.m.8 views

CVE-2025-28202

Incorrect access control in Victure RX1800 ENV1.0.0r12110933 allows attackers to enable SSH and Telnet services without authentication...

7.1AI score0.00473EPSS
Exploits1References1
Rows per page
Query Builder