Lucene search
K

16821 matches found

Vulnrichment
Vulnrichment
added 2025/09/12 1:46 p.m.3 views

CVE-2025-10365 Authentication Bypass in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS7.8AI score0.74884EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/12 1:46 p.m.11 views

CVE-2025-10365 Authentication Bypass in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.05781EPSS
Exploits0References1
CVE
CVE
added 2025/09/12 1:46 p.m.20 views

CVE-2025-10365

The CVE-2025-10365 issue affects Evertz SDVN 3080ipx-10G web management (port 80). Connected docs identify two vulnerable endpoints (feature-transfer-import.php and feature-transfer-export.php) enabling arbitrary command execution, plus an authentication bypass. Remote unauthenticated attackers c...

9.3CVSS7.8AI score0.74884EPSS
In wildExploits0References1
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.4 views

Evertz SDVN 3080ipx-10G 安全漏洞

The Evertz SDVN 3080ipx-10G is a high-bandwidth Ethernet switching fabric for video applications from Evertz. A security vulnerability exists in the Evertz SDVN 3080ipx-10G that stems from an arbitrary command injection and authentication bypass issue in the web management interface, which could...

9.3CVSS8.1AI score0.74884EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.6 views

PT-2025-37317

Name of the Vulnerable Software and Affected Versions: Evertz SDVN 3080ipx-10G affected versions not specified Description: The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. The device exposes a web management interface on port 80, which is susceptib...

9.3CVSS6.5AI score0.74884EPSS
Exploits0References9
CNVD
CNVD
added 2025/09/11 12:0 a.m.3 views

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that stems from insufficient boundary validatio...

9CVSS8.1AI score0.06013EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/10 7:19 a.m.5 views

CVE-2025-41708

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...

7.4CVSS6.9AI score0.00212EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/09/10 12:20 a.m.340 views

Exploit for Authentication Bypass by Primary Weakness in Crushftp

CVE-2025-31161 - CrushFTP Authentication Bypass Exploit PoC...

9.8CVSS7.3AI score0.99963EPSS
Exploits18
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.4 views

PT-2025-88: Cross‑site scripting and open redirect in Fastwel PLC web interface

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability stems from the lack of user input filtering in the redirect parameter. Exploitation of the vulnerability allows a remote attacker to execute arbitrary...

8.6CVSS6.2AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/09 8:29 p.m.3 views

CVE-2025-54083 Calix GigaCenter ONT firmware - Sensitive Information Disclosure

Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows admin access to the web interface.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...

5.1CVSS6.3AI score0.00191EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/09 8:29 p.m.7 views

CVE-2025-54083 Calix GigaCenter ONT firmware - Sensitive Information Disclosure

Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows admin access to the web interface.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...

5.1CVSS0.00191EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.2 views

Amped RF BT-AP 111 安全漏洞

The Amped RF BT-AP 111 is a Bluetooth to Ethernet bridge device from Amped RF, Inc. A security vulnerability exists in the Amped RF BT-AP 111 that stems from a lack of authentication in the HTTP management interface, which could lead to unauthorized access...

9.8CVSS6.8AI score0.00511EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.4 views

PT-2025-36960

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An issue exists in Calix GigaCenter ONT Quantenna SoC modules that allows administrativ...

5.1CVSS6.1AI score0.00191EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.5 views

PT-2025-36793

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment versions 8.4 Description: A stored cross-site scripting XSS vulnerability exists in the U2F Origin field of the Datacenter configuration. Authenticated users can store malicious input which is rendered unsafely in...

5.4CVSS5.3AI score0.00267EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.4 views

Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting (cisco-sa-imp-xss-XQgu4HSG)

According to its self-reported version, Cisco Unified Communications Manager IM & Presence is affected by a cross-site scripting vulnerability: - A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an...

6.1CVSS5.8AI score0.00236EPSS
Exploits0References3
NVD
NVD
added 2025/09/08 7:15 a.m.3 views

CVE-2025-41708

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...

7.4CVSS0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/08 6:38 a.m.2 views

CVE-2025-41708 Cleartext Transmission of Sensitive Data via Insecure HTTP Web Interface

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...

7.4CVSS6.4AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2025/09/08 6:38 a.m.17 views

CVE-2025-41708

CVE-2025-41708 involves cleartext transmission due to an insecure default configuration that uses HTTP for the web interface. An unauthenticated attacker on the same network could learn sensitive data during transmission. Connected documents reference affected products (e.g., Bender devices) but ...

7.4CVSS6.4AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/05 6:18 p.m.16 views

CVE-2025-20287

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...

8.8CVSS7AI score0.00295EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/05 6:18 p.m.9 views

CVE-2025-20326

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

8.8CVSS6.9AI score0.00167EPSS
Exploits0References1
Rows per page
Query Builder