CVE-2025-7881

A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...

PT-2022-16030 · Freshrss · Freshrss

Name of the Vulnerable Software and Affected Versions: FreshRSS versions prior to 1.20.2 Description: FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords of the...

CVE-2019-9160

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH on TCP port 22345 and escalate to root because the password for root is the WebUI admin password concatenated with a static string...

Polycom IP Phone - Web Interface Data Disclosure

/ / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , 'Line 1' of 'Polycom IP Phone' software. The vulnerability allows the attacker to disclosure th...

Host Directory PRO 2.1.0 Remote Change Admin Password Exploit

Exploit for unknown platform in category web applications ============================================================= Host Directory PRO 2.1.0 Remote Change Admin Password Exploit ============================================================= change password Host Directory PRO 2.1.0 Configuratio...