Laravel Framework Detection (Linux/Unix SSH Login)

SSH login-based detection of Laravel Framework. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-48415

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

CVE-2025-48413

The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...

CVE-2025-41380

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

CVE-2025-41380 Injection vulnerability in Iridium Certus 700

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

CVE-2025-41380 Injection vulnerability in Iridium Certus 700

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

CVE-2025-41380

CVE-2025-41380 affects Iridium Certus 700, version 1.0.1. The vulnerability is an embedded credentials issue that lets a local user retrieve the SSH hash string. CVSS v4.0 base score 6.1 (MEDIUM); vector: LOCAL, low attack complexity, no user interaction required, privileges required LOW. Impact ...

CVE-2025-22968

An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions...

CVE-2024-39345

AdTran 834-5 HDC17600021F1 SmartOS 11.1.1.1 devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final...

CVE-2024-31970

AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...

CVE-2024-29960

In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. Any Brocade SAnnav VM based on the official OVA images is vulnerable to MITM over SSH. An attacker can decrypt and compromise the SSH traffic to the SANnav...

CVE-2024-29951

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

CVE-2024-26303

Authenticated Denial of Service Vulnerability in ArubaOS-Switch SSH Daemon...

CVE-2024-7517

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extensio...

CVE-2024-21653

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5813

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...

CVE-2024-10100

A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...

CVE-2024-28812

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service on the local management network interface with hardcoded credentials allows attackers to access the appliance operating system with highest privileges via an SSH connection...

CVE-2024-55560

MailCleaner before 28d913e has default values of sshhostdsakey, sshhostrsakey, and sshhosted25519key that persist after installation...