GHSA-GV2F-Q4WP-FVH5 Duplicate Advisory: OpenClaw: CLI Remote Onboarding Persists Unauthenticated Discovery Endpoint and Exfiltrates Gateway Credentials

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3cw3-5vxw-g2h3. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that...

CVE-2019-25651

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

EUVD-2021-20221

Malware in sbrugna...

EUVD-2007-4146

Malware in sbrugna...

EUVD-2015-5642

Malware in sbrugna...

EUVD-2020-28690

Malware in sbrugna...

EUVD-2024-35266

Malicious code in bioql PyPI...

EUVD-2025-8625

Malicious code in bioql PyPI...

CVE-2025-8448

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...

io.github.andrekurait.trafficcapture:dockerSolution (>=0.1.3 <=0.1.5), io.github.andrekurait.trafficcapture:trafficCaptureProxyServer (>=0.1.3 <=0.1.5) +6 more potentially affected by unknown CVE via org.opensearch.plugin:opensearch-security (=2.11.1.0)

org.opensearch.plugin:opensearch-security MAVEN version =2.11.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.opensearch.plugin:opensearch-security and may be impacted: - io.github.andrekurait.trafficcapture:dockerSolution =0.1.3, =0.1.3, =0.1....

io.github.andrekurait.trafficcapture:dockerSolution (>=0.1.3 <=0.1.5), io.github.andrekurait.trafficcapture:trafficCaptureProxyServer (>=0.1.3 <=0.1.5) +6 more potentially affected by unknown CVE via org.opensearch.plugin:opensearch-security (=2.11.1.0)

org.opensearch.plugin:opensearch-security MAVEN version =2.11.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.opensearch.plugin:opensearch-security and may be impacted: - io.github.andrekurait.trafficcapture:dockerSolution =0.1.3, =0.1.3, =0.1....

CVE-2024-35294

An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials...

HoneyWin: High-Interaction Windows Honeypot in Enterprise Environment

Windows operating systems OS are ubiquitous in enterprise Information Technology IT and operational technology OT environments. Due to their widespread adoption and known vulnerabilities, they are often the primary targets of malware and ransomware attacks. With 93% of the ransomware targeting...

CVE-2025-2859

An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal the active user session and make changes to the device via web, depending on the privileges obtained by the user...

CVE-2025-2859

An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal the active user session and make changes to the device via web, depending on the privileges obtained by the user...

Arteche saTECH BCU 授权问题漏洞

The Arteche saTECH BCU is a flight room control unit from Arteche. An authorization issue vulnerability exists in the Arteche saTECH BCU version 2.1.3, which originates from an attacker being able to capture traffic and obtain a user cookie to steal active sessions and change the device based on...

CVE-2024-35294

An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials...

CVE-2024-35294 Schneider Elektronik Series 700 prone to missing authentication for traffic capture function

An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials...

CVE-2024-35294

CVE-2024-35294 affects Schneider Electric Series 700 devices, where an unauthenticated remote attacker can use the device’s traffic capture function to obtain plaintext administrative credentials. The available connected sources identify the vulnerability as an access control/traffic-capture expo...

CVE-2024-35294 Schneider Elektronik Series 700 prone to missing authentication for traffic capture function

An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials...