Lucene search
K

6495 matches found

Cvelist
Cvelist
added 2026/06/09 6:9 p.m.39 views

CVE-2026-10045 CVE-2026-10045

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48163

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

5.5AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Kangda Xin DR300 安全漏洞

Kangda Xin DR300 is a wireless router produced by Kangda Xin Corporation. The Kangda Xin DR300 version 2.1.2.121 has a security vulnerability. This vulnerability stems from the inclusion of hardcoded login credentials, with telnet being enabled by default. It may allow attackers to read memory,...

9.8CVSS5.3AI score0.00209EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/08 5:36 p.m.78 views

Exploit for Argument Injection in Gnu Inetutils

CVE-2026–24061 : GNU InetUtils telnetd Authentication Bypass...

9.8CVSS5.7AI score0.98871EPSS
Exploits61
RedhatCVE
RedhatCVE
added 2026/06/05 7:58 p.m.9 views

CVE-2023-54342

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8259

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

7.2CVSS5.2AI score0.04447EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

9.8CVSS5.5AI score0.00547EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-7152

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnetenabled leads to os command injection. It is possible to launch the attac...

10CVSS7.5AI score0.01766EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.8 views

CVE-2026-5994

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnetenabled results in os command injection. The attack is possible ...

10CVSS7.4AI score0.01803EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-42375

D-Link DIR-600L Hardware Revision A1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir600l" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS5.5AI score0.00472EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

9.8CVSS5.5AI score0.00472EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS5.5AI score0.00472EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42372

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

8.8CVSS5.5AI score0.003EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.12 views

CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS5.5AI score0.00461EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.12 views

CVE-2026-35682

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

8.8CVSS5.8AI score0.01787EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:16 p.m.12 views

CVE-2025-71317

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS0.00432EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/05 5:49 p.m.8 views

CVE-2025-71317

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 5:49 p.m.31 views

CVE-2025-71317 NetMan 204 Hard-coded Backdoor Credentials

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS0.00432EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

RIELLO UPS NetMan 信任管理问题漏洞

Riello UPS NetMan is a network adapter developed by the Italian company Riello UPS. The Riello UPS NetMan 204 has a vulnerability related to trust management. This vulnerability stems from a hardcoded backdoor account with a username and password of “eurek”. Unauthenticated remote attackers can...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-47013

Name of the Vulnerable Software and Affected Versions NetMan version 204 Description NetMan contains a hard-coded backdoor account with the username and password eurek that provides administrative access. A remote, unauthenticated attacker can authenticate through the "/cgi-bin/login.cgi" endpoin...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References9
Rows per page
Query Builder