Lucene search
K

6498 matches found

Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-47013

Name of the Vulnerable Software and Affected Versions NetMan version 204 Description NetMan contains a hard-coded backdoor account with the username and password eurek that provides administrative access. A remote, unauthenticated attacker can authenticate through the "/cgi-bin/login.cgi" endpoin...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

RIELLO UPS NetMan 信任管理问题漏洞

Riello UPS NetMan is a network adapter developed by the Italian company Riello UPS. The Riello UPS NetMan 204 has a vulnerability related to trust management. This vulnerability stems from a hardcoded backdoor account with a username and password of “eurek”. Unauthenticated remote attackers can...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 11:16 p.m.18 views

USN-8387-1 inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.23674EPSS
Exploits13References4
Ubuntu
Ubuntu
added 2026/06/04 11:16 p.m.17 views

USN-8387-1: Inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.23674EPSS
Exploits13
EUVD
EUVD
added 2026/06/04 3:30 p.m.12 views

EUVD-2026-34274

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
NVD
NVD
added 2026/06/04 3:16 p.m.23 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

9.8CVSS0.00547EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.21 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.39 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

0.00547EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.7 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.5AI score0.00547EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46240

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
CVE
CVE
added 2026/06/04 12:0 a.m.27 views

CVE-2026-35904

CVE-2026-35904 affects T3 Technology CPE models: T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03. The issue is incorrect access control in the device web management CGI component, allowing unauthenticated attackers to enable Telnet via a crafted request. Public exploit/poC exists (GitHub advis...

9.8CVSS5.8AI score0.00547EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. The T3 Technology CPE models with versions v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 contain security vulnerabilities. These vulnerabilities stem from improper access control i...

9.8CVSS5.3AI score0.00547EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2026/06/03 4:2 p.m.98 views

Exploit for CVE-2026-35904

T3 Technology CPE — Security Advisories Multiple critical vul...

5.8AI score0.00547EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-46055

Name of the Vulnerable Software and Affected Versions DD-WRT affected versions not specified Description A stack-based buffer overflow exists in the UPnP service of certain DD-WRT router firmware. The issue occurs when the service incorrectly handles large ST:uuid values within crafted M-SEARCH...

5.9AI score
Exploits1References17
NVD
NVD
added 2026/05/29 9:16 a.m.22 views

CVE-2026-49200

The acercgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for web and Telnet, leading to unauthorized system access...

10CVSS0.00518EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 8:51 a.m.50 views

CVE-2026-49200 Acer Wave 7 router: Broken Access Control

The acercgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for web and Telnet, leading to unauthorized system access...

10CVSS0.00518EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 8:51 a.m.16 views

CVE-2026-49200

The acercgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for web and Telnet, leading to unauthorized system access...

10CVSS5.8AI score0.00518EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 8:51 a.m.44 views

CVE-2026-49200

The CVE-2026-49200 entry affects Acer Wave 7 router firmware. The root issue is that the acer_cgi.log file is accessible without authentication via the web interface, and this log contains cleartext credentials for web and Telnet. This exposure can lead to unauthorized system access and high impa...

10CVSS5.8AI score0.00518EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/29 8:51 a.m.15 views

EUVD-2026-33270

The acercgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for web and Telnet, leading to unauthorized system access...

10CVSS5.8AI score0.00518EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.20 views

PT-2026-44770

Name of the Vulnerable Software and Affected Versions Acer Wave 7 router affected versions not specified Description The acer cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for both web and Telnet...

10CVSS5.8AI score0.00518EPSS
Exploits0References9
Rows per page
Query Builder