418 matches found
PT-2025-47631
Name of the Vulnerable Software and Affected Versions FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch versions prior to 2.2.0D Build 135103 Description The FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch transmits cookies containing usernames and passwords in cleartext using base64...
CVE-2025-34328
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...
CVE-2021-4466 IPCop <= 2.1.9 Authenticated RCE
IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAILPW parameter, directly into system-level operations without...
CVE-2025-11565
CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...
EUVD-2025-131906
CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST/REST/UpdateJRE request payload...
CVE-2025-11565
CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...
CVE-2025-11565
CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload...
PT-2025-46657
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A path traversal issue exists that could lead to elevated system access. This occurs when a Web Admin user on the local network manipulates the POST /REST/UpdateJRE request payload. The issue involve...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62775
CVE-2025-62775 affects Mercku M6a devices up to firmware version 2.1.0, where the web admin password can be used to gain root TELNET access. The connected documents consistently describe root access via TELNET enabled by the web admin password, indicating a high-severity impact (per CVSS 3.1 vect...
Mercku M6a 安全漏洞
Mercku M6a is a WiFi router from Mercku USA. A security vulnerability exists in Mercku M6a version 2.1.0 and prior versions, which originates from allowing root login via TELNET using the web administrator password, which could lead to unauthorized access...
EUVD-2025-35312
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
Phoenix Contact CHARX SEC-3150 代码注入漏洞
The Phoenix Contact CHARX SEC-3150 is an AC charge controller from Phoenix Contact, Germany. The Phoenix Contact CHARX SEC-3150 suffers from a code injection vulnerability that originates from a low-privileged remote attacker who can perform command injection by changing the system configuration...
EUVD-2018-8360
Malware in sbrugna...
EUVD-2019-7531
Malware in sbrugna...
EUVD-2021-25193
Malware in sbrugna...
EUVD-2008-6694
Malware in sbrugna...
EUVD-2020-28596
Malware in sbrugna...
EUVD-2018-1194
Malware in sbrugna...