CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Positive Technologies•added 2025/12/13 12:0 a.m.•2 views

PT-2025-51103

The authentication mechanism on web interface is not properly implemented. It is possible to bypass authentication checks by crafting a post request with new settings since there is no session token or authentication in place. This would allow an attacker for instance to point the device to an...

9.3CVSS7.1AI score0.0002EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-5507

Malware in sbrugna...

8.1CVSS8.2AI score0.0828EPSS

Exploits0References3

OSV•added 2018/11/26 3:29 a.m.•0 views

CVE-2018-19537

TP-Link Archer C5 devices through V2160201US allow remote command execution via shell metacharacters on the wandynhostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin ma...

7.2CVSS5.9AI score0.19618EPSS

Exploits1References1

OSV•added 2017/10/05 9:29 p.m.•0 views

CVE-2017-13992

An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution...

8.1CVSS6AI score

Exploits0References2

CVE•added 2017/10/05 9:0 p.m.•52 views

CVE-2017-13992

The CVE-2017-13992 entry documents an Insufficient Entropy issue in LOYTEC LVIS-3ME, affected in versions prior to 6.2.0. The web interface authentication relies on weak RNG, which could enable remote code execution. Several sources (NVD, CVE listing, CNVD, PRION, etc.) confirm the issue and link...

8.1CVSS8.4AI score0.0828EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/10/05 9:0 p.m.•10 views

CVE-2017-13992

8.5AI score0.0828EPSS

Exploits0References2

CNVD•added 2017/09/15 12:0 a.m.•2 views

LOYTEC LVIS-3ME Remote Code Execution Vulnerability

LVIS-3ME is a graphical user interface from LOYTEC. A remote code execution vulnerability exists in LOYTEC LVIS-3ME versions prior to 6.2.0, which can be exploited by an attacker to remotely execute arbitrary code due to the application's failure to utilize a sufficiently random number to generat...

8.1CVSS8.7AI score0.0828EPSS

Exploits0References1

Huawei•added 2013/07/18 12:0 a.m.•24 views

Security Advisory- Web Interface Authentication Bypass Vulnerability in Huawei Tecal RH2285 V2 Server

Tecal RH2285 V2 is a next-generation 2 U 2-socket rack server. Featuring two Intel® Xeon® E5-2400 series processors, the RH2285 V2 provides large storage capacity, flexible scalability, and superb cost-effectiveness, which is an ideal hardware platform for big data and distributed storage...

6.8AI score

Exploits0Affected Software1