75 matches found
CVE-2025-9994
The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an authentication feature, allowing unauthorized access to anyone with network access...
CVE-2025-9994
The Amp’ed RF BT-AP 111 Bluetooth access point exposes an HTTP admin interface that has no authentication. This allows any user with network access to gain full administrative control of the device. Current public details do not indicate a fixed version; some sources note no fix is available yet....
Amp'ed RF BT-AP 111 Bluetooth access point lacks an authentication mechanism
Overview The Amp’ed RF BT-AP 111 Bluetooth Access Point exposes an HTTP-based administrative interface without authentication controls. This allows an unauthenticated remote attacker to gain full administrative access to the device. Description The Amp’ed RF BT-AP 111 is a Bluetooth-to-Ethernet...
PT-2025-36732
Name of the Vulnerable Software and Affected Versions: Amp’ed RF BT-AP 111 Bluetooth access point affected versions not specified Description: The HTTP admin interface lacks an authentication feature, enabling unauthorized access to individuals with network access. Recommendations: At the moment,...
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...
CVE-2019-14222
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...
Cisco Unified Communications Manager 安全漏洞
Cisco Unified Communications Manager is a call processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting vulnerability exists in Cisco Unified...
CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...
CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...
SUSE CVE-2008-0564
Multiple cross-site scripting XSS vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 editing templates and 2 the list's "info attribute" in the web administrator interface, a different vulnerability than...
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...
Hardcoded credentials
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface...
PT-2022-23264 · Nokia · Nokia Fastmile
Name of the Vulnerable Software and Affected Versions: Nokia Fastmile 3tg00118abad52 devices affected versions not specified Description: The issue concerns a default hardcoded admin account with the credentials admin:Nq+L5st7o. This account can be used locally to access the web admin interface...
CVE-2022-36222
CVE-2022-36222 affects Nokia Fastmile 3tg00118abad52 devices shipped by Optus. It uses a default hardcoded admin credentials (admin:Nq+L5st7o) that can be used locally to access the web admin interface. The CVSS v3.1 base score is 8.4 (HIGH); attack vector LOCAL, no privileges required, no user i...
Plastic Scm安全漏洞
Unity Technologies Plastic Scm is a version control from Unity Technologies, USA. A security vulnerability previously existed in Plastic SCM 10.0.16.5622, which stemmed from Plastic SCM incorrectly handling the WebAdmin server management interface...
The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 allows a malicious actor to cause device malfunctions or execute arbitrary code with root privileges.
The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerabili...
CVE-2019-19225
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns1 POST request...
Design/Logic Flaw
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...
CVE-2019-14222
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...
Cisco Meeting Server Web Management Interface Denial of Service Vulnerability
Cisco Acano X-Series, Meeting Server 1000, and Meeting Server 2000 are video conferencing solutions from Cisco.Web Admin Interface is one of the web-based management interfaces. An input validation vulnerability exists in the Web Admin Interface in the Cisco Acano X-Series, Meeting Server 1000, a...