CVE-2026-4170

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

CVE-2019-25227

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

CVE-2019-25227 Tellion HN-2204AP Unauthenticated Configuration Disclosure

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

CVE-2019-25227 Tellion HN-2204AP Unauthenticated Configuration Disclosure

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

CVE-2019-25227

Tellion HN-2204AP routers are affected by CVE-2019-25227 due to an unauthenticated disclosure vulnerability in the /cgi-bin/system_config_file management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without authentication or authorization, potentially expos...

EUVD-2022-41731

Malicious code in bioql PyPI...

CVE-2025-11126

A security flaw has been discovered in Apeman ID71 218.53.203.117. This vulnerability affects unknown code of the file /system/www/system.ini. The manipulation results in hard-coded credentials. The attack may be performed from remote. The exploit has been released to the public and may be...

CVE-2025-10264 Digiever｜NVR - Exposure of Sensitive Information

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras...

PT-2025-26685 · Sapido · Sapido Wireless Router

Name of the Vulnerable Software and Affected Versions: Sapido Wireless Router affected versions not specified Description: The issue allows unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. The affected models are out o...

CVE-2025-0785

A vulnerability was found in ESAFENET CDG V5 and classified as problematic. This issue affects some unknown processing of the file /SysConfig.jsp. The manipulation of the argument help leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the publi...

PT-2025-2590 · Google · Android Wificonfigurationutil

Name of the Vulnerable Software and Affected Versions: Android WifiConfigurationUtil affected versions not specified Description: A logic error in the code of WifiConfigurationUtil.java, specifically in the validateSsid function, could lead to a local denial of service due to a possible overflow ...

CVE-2025-0485

CVE-2025-0485 — Fanli2012 native-php-cms 1.0 is affected. An unknown function in /fladmin/sysconfig_doedit.php is susceptible to cross-site scripting via manipulation of the argument info. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. No remediation det...

ASB-A-275339978

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Design/Logic Flaw

EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has misconfigured permissions...

EXFO BV-10 安全漏洞

The EXFO BV-10 is a low-cost, easy-to-configure, purpose-built, intelligent performance endpoint device from EXFO Canada. A security vulnerability exists in the EXFO BV-10 that stems from a system configuration file having misconfigured permissions...

Crafter CMS 安全漏洞

Crafter CMS is an open source content management system CMS for digital experience applications.A security vulnerability exists in Crafter CMS, which stems from the possibility that an authenticated administrator could override the system configuration file. An attacker could exploit this...

DEBIAN-CVE-2020-29600

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...

Trend Micro InterScan Web Security Virtual Appliance transparent_setting CRLF Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within transparentsetting. The issue results from the lac...

The vulnerability of the ABB PCM600 control and configuration device allows a intruder to gain access to user passwords.

The vulnerability of the ABB PCM600 control and configuration device lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating locally, to gain access to the passwords of the IEC61850 OPC server by analyzing the System.xml...

CVE-2013-1060

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the buildd directory and consequently reads the system configuration file from the buildd directory, which allows...