6 matches found
CVE-2026-25775 SenseLive X3050 Missing authentication for critical function
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded...
EUVD-2019-2654
Malware in sbrugna...
CVE-2020-35801
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JGS516PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, JGS524PE before 2.6.0.48, and GS116Ev2 before 2.6.0.48. A TFTP server was found to be active by default. It allows remote authenticated users to...
WAGO PFC200 Input Validation Error Vulnerability
The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. An input validation error vulnerability exists in the cloud connectivity feature in WAGO PFC 200 using firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. An attacker could exploit this vulnerability to ga...
Design/Logic Flaw
A vulnerability has been identified in SINEMA Server All versions V14.0 SP2 Update 1. Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. The security vulnerability...
Design/Logic Flaw
This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...