Lucene search
K

117 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-39098

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00359EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-32828

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00585EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32395

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.03138EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-20201

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.0078EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-32831

Malicious code in bioql PyPI...

4.6CVSS5.2AI score0.00487EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/10/03 12:46 a.m.12 views

CVE-2023-28760

TP-Link AX1800 WiFi 6 Router Archer AX21 devices allow unauthenticated attackers on the LAN to execute arbitrary code as root via the dbdir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in...

7.5CVSS8.1AI score0.03138EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/02 12:0 a.m.15 views

CVE-2023-28760

TP-Link AX1800 WiFi 6 Router Archer AX21 devices allow unauthenticated attackers on the LAN to execute arbitrary code as root via the dbdir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in...

0.03138EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/02 12:0 a.m.7 views

CVE-2023-28760

TP-Link AX1800 WiFi 6 Router Archer AX21 devices allow unauthenticated attackers on the LAN to execute arbitrary code as root via the dbdir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in...

7.7AI score0.03138EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/09 10:22 a.m.6 views

CVE-2025-3705

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...

6.8CVSS6.5AI score0.0078EPSS
Exploits0References1
NVD
NVD
added 2025/07/07 10:15 a.m.8 views

CVE-2025-3705

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...

6.8CVSS0.0078EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/07 9:20 a.m.5 views

CVE-2025-3705 OS Command Injection via USB Config Load

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...

6.8CVSS6.5AI score0.0078EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.5 views

PT-2025-28144 · Frauscher · Fds-Snmp101 +2

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command when loading a config file from a...

6.8CVSS6.2AI score0.0078EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.8 views

CVE-2021-20121

The Telus Wi-Fi Hub PRV65B444A-S-TS with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and...

4CVSS6.5AI score0.00482EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 p.m.4 views

CVE-2021-20153

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious...

6.9CVSS8.5AI score0.00958EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.8 views

CVE-2020-5797

UNIX Symbolic Link Symlink Following in TP-Link Archer C9USV1180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router...

6.1CVSS6.7AI score0.00649EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/21 12:13 p.m.16 views

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

0.002EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/21 12:13 p.m.5 views

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

7AI score0.002EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/23 4:48 p.m.13 views

CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...

6.8CVSS0.00173EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/03/05 2:8 p.m.25 views

Defending against USB drive attacks with Wazuh

USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on a...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/28 12:20 a.m.9 views

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

6.8CVSS7.7AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder