Lucene search
K

418 matches found

Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.10 views

PT-2025-47631

Name of the Vulnerable Software and Affected Versions FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch versions prior to 2.2.0D Build 135103 Description The FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch transmits cookies containing usernames and passwords in cleartext using base64...

7.5CVSS6.7AI score0.00235EPSS
Exploits1References6
OSV
OSV
added 2025/11/19 5:15 p.m.4 views

CVE-2025-34328

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...

9.8CVSS6AI score0.00621EPSS
Exploits2References4
Cvelist
Cvelist
added 2025/11/14 10:52 p.m.13 views

CVE-2021-4466 IPCop <= 2.1.9 Authenticated RCE

IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAILPW parameter, directly into system-level operations without...

8.7CVSS0.00481EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/13 2:3 p.m.4 views

CVE-2025-11565

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...

7.3CVSS6.5AI score0.0012EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/12 3:31 p.m.7 views

EUVD-2025-131906

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST/REST/UpdateJRE request payload...

7.3CVSS6AI score0.0012EPSS
Exploits0References2
NVD
NVD
added 2025/11/12 2:15 p.m.5 views

CVE-2025-11565

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...

7.3CVSS0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/12 1:19 p.m.7 views

CVE-2025-11565

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...

7.3CVSS0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.4 views

PT-2025-46657

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A path traversal issue exists that could lead to elevated system access. This occurs when a Web Admin user on the local network manipulates the POST /REST/UpdateJRE request payload. The issue involve...

7.3CVSS6AI score0.0012EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.10 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS7AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 12:0 a.m.9 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS0.00255EPSS
Exploits0References2
CVE
CVE
added 2025/10/22 12:0 a.m.9 views

CVE-2025-62775

CVE-2025-62775 affects Mercku M6a devices up to firmware version 2.1.0, where the web admin password can be used to gain root TELNET access. The connected documents consistently describe root access via TELNET enabled by the web admin password, indicating a high-severity impact (per CVSS 3.1 vect...

8CVSS6.7AI score0.00255EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

Mercku M6a 安全漏洞

Mercku M6a is a WiFi router from Mercku USA. A security vulnerability exists in Mercku M6a version 2.1.0 and prior versions, which originates from allowing root login via TELNET using the web administrator password, which could lead to unauthorized access...

8CVSS6.7AI score0.00255EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/22 12:0 a.m.7 views

EUVD-2025-35312

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS6.5AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Phoenix Contact CHARX SEC-3150 代码注入漏洞

The Phoenix Contact CHARX SEC-3150 is an AC charge controller from Phoenix Contact, Germany. The Phoenix Contact CHARX SEC-3150 suffers from a code injection vulnerability that originates from a low-privileged remote attacker who can perform command injection by changing the system configuration...

8.8CVSS8.8AI score0.00881EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8360

Malware in sbrugna...

7.2CVSS7AI score0.02583EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7531

Malware in sbrugna...

10CVSS9.2AI score0.07406EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-25193

Malware in sbrugna...

6.1CVSS6.3AI score0.00717EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-6694

Malware in sbrugna...

9.3CVSS6.4AI score0.02962EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-28596

Malware in sbrugna...

4.8CVSS5.2AI score0.00569EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1194

Malware in sbrugna...

6.8CVSS6.6AI score0.03228EPSS
Exploits0References4
Rows per page
Query Builder