Lucene search
K

75 matches found

RedhatCVE
RedhatCVE
added 2025/09/11 1:23 p.m.15 views

CVE-2025-9994

The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an authentication feature, allowing unauthorized access to anyone with network access...

9.8CVSS7.1AI score0.00511EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 1:1 p.m.17 views

CVE-2025-9994

The Amp’ed RF BT-AP 111 Bluetooth access point exposes an HTTP admin interface that has no authentication. This allows any user with network access to gain full administrative control of the device. Current public details do not indicate a fixed version; some sources note no fix is available yet....

9.8CVSS6.5AI score0.00511EPSS
Exploits0References2
CERT
CERT
added 2025/09/09 12:0 a.m.7 views

Amp'ed RF BT-AP 111 Bluetooth access point lacks an authentication mechanism

Overview The Amp’ed RF BT-AP 111 Bluetooth Access Point exposes an HTTP-based administrative interface without authentication controls. This allows an unauthenticated remote attacker to gain full administrative access to the device. Description The Amp’ed RF BT-AP 111 is a Bluetooth-to-Ethernet...

9.8CVSS7.2AI score0.00511EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36732

Name of the Vulnerable Software and Affected Versions: Amp’ed RF BT-AP 111 Bluetooth access point affected versions not specified Description: The HTTP admin interface lacks an authentication feature, enabling unauthorized access to individuals with network access. Recommendations: At the moment,...

9.8CVSS6.7AI score0.00511EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 10:14 p.m.8 views

CVE-2022-36222

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...

8.4CVSS7AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.15 views

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

9.8CVSS7AI score0.03014EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.4 views

Cisco Unified Communications Manager 安全漏洞

Cisco Unified Communications Manager is a call processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting vulnerability exists in Cisco Unified...

6.1CVSS6AI score0.00349EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/09/14 4:43 p.m.19 views

CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen

A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...

2CVSS5.2AI score0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/14 4:43 p.m.12 views

CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen

A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...

2CVSS6.2AI score0.00268EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.4 views

SUSE CVE-2008-0564

Multiple cross-site scripting XSS vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 editing templates and 2 the list's "info attribute" in the web administrator interface, a different vulnerability than...

4.3CVSS6.1AI score0.01919EPSS
Exploits0References4
NVD
NVD
added 2022/12/21 7:15 p.m.22 views

CVE-2022-36222

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...

8.4CVSS0.00287EPSS
Exploits1References1
Prion
Prion
added 2022/12/21 7:15 p.m.20 views

Hardcoded credentials

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...

4.6CVSS8.2AI score0.00287EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.4 views

PT-2022-23264 · Nokia · Nokia Fastmile

Name of the Vulnerable Software and Affected Versions: Nokia Fastmile 3tg00118abad52 devices affected versions not specified Description: The issue concerns a default hardcoded admin account with the credentials admin:Nq+L5st7o. This account can be used locally to access the web admin interface...

8.4CVSS8AI score0.00287EPSS
Exploits1References3
CVE
CVE
added 2022/12/21 12:0 a.m.60 views

CVE-2022-36222

CVE-2022-36222 affects Nokia Fastmile 3tg00118abad52 devices shipped by Optus. It uses a default hardcoded admin credentials (admin:Nq+L5st7o) that can be used locally to access the web admin interface. The CVSS v3.1 base score is 8.4 (HIGH); attack vector LOCAL, no privileges required, no user i...

8.4CVSS8.2AI score0.00287EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/21 12:0 a.m.4 views

Plastic Scm安全漏洞

Unity Technologies Plastic Scm is a version control from Unity Technologies, USA. A security vulnerability previously existed in Plastic SCM 10.0.16.5622, which stemmed from Plastic SCM incorrectly handling the WebAdmin server management interface...

7.5CVSS7.3AI score0.08939EPSS
Exploits4References6
BDU FSTEC
BDU FSTEC
added 2020/06/30 12:0 a.m.5 views

The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 allows a malicious actor to cause device malfunctions or execute arbitrary code with root privileges.

The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerabili...

9CVSS7.8AI score0.03189EPSS
Exploits0References3Affected Software6
OSV
OSV
added 2020/03/04 7:15 p.m.5 views

CVE-2019-19225

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns1 POST request...

7.5CVSS5.8AI score0.02532EPSS
Exploits1References4
Prion
Prion
added 2019/09/05 10:15 p.m.25 views

Design/Logic Flaw

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

7.5CVSS9.3AI score0.03014EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/09/05 9:13 p.m.34 views

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

9.4AI score0.03014EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/22 12:0 a.m.4 views

Cisco Meeting Server Web Management Interface Denial of Service Vulnerability

Cisco Acano X-Series, Meeting Server 1000, and Meeting Server 2000 are video conferencing solutions from Cisco.Web Admin Interface is one of the web-based management interfaces. An input validation vulnerability exists in the Web Admin Interface in the Cisco Acano X-Series, Meeting Server 1000, a...

6.8CVSS6.5AI score0.03228EPSS
Exploits0References1
Rows per page
Query Builder