16821 matches found
CVE-2025-10365 Authentication Bypass in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10365 Authentication Bypass in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-10365
The CVE-2025-10365 issue affects Evertz SDVN 3080ipx-10G web management (port 80). Connected docs identify two vulnerable endpoints (feature-transfer-import.php and feature-transfer-export.php) enabling arbitrary command execution, plus an authentication bypass. Remote unauthenticated attackers c...
Evertz SDVN 3080ipx-10G 安全漏洞
The Evertz SDVN 3080ipx-10G is a high-bandwidth Ethernet switching fabric for video applications from Evertz. A security vulnerability exists in the Evertz SDVN 3080ipx-10G that stems from an arbitrary command injection and authentication bypass issue in the web management interface, which could...
PT-2025-37317
Name of the Vulnerable Software and Affected Versions: Evertz SDVN 3080ipx-10G affected versions not specified Description: The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. The device exposes a web management interface on port 80, which is susceptib...
UTT 1200GW Buffer Overflow Vulnerability
The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that stems from insufficient boundary validatio...
CVE-2025-41708
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...
Exploit for Authentication Bypass by Primary Weakness in Crushftp
CVE-2025-31161 - CrushFTP Authentication Bypass Exploit PoC...
PT-2025-88: Cross‑site scripting and open redirect in Fastwel PLC web interface
The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability stems from the lack of user input filtering in the redirect parameter. Exploitation of the vulnerability allows a remote attacker to execute arbitrary...
CVE-2025-54083 Calix GigaCenter ONT firmware - Sensitive Information Disclosure
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows admin access to the web interface.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...
CVE-2025-54083 Calix GigaCenter ONT firmware - Sensitive Information Disclosure
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows admin access to the web interface.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...
Amped RF BT-AP 111 安全漏洞
The Amped RF BT-AP 111 is a Bluetooth to Ethernet bridge device from Amped RF, Inc. A security vulnerability exists in the Amped RF BT-AP 111 that stems from a lack of authentication in the HTTP management interface, which could lead to unauthorized access...
PT-2025-36960
Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An issue exists in Calix GigaCenter ONT Quantenna SoC modules that allows administrativ...
PT-2025-36793
Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment versions 8.4 Description: A stored cross-site scripting XSS vulnerability exists in the U2F Origin field of the Datacenter configuration. Authenticated users can store malicious input which is rendered unsafely in...
Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting (cisco-sa-imp-xss-XQgu4HSG)
According to its self-reported version, Cisco Unified Communications Manager IM & Presence is affected by a cross-site scripting vulnerability: - A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an...
CVE-2025-41708
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...
CVE-2025-41708 Cleartext Transmission of Sensitive Data via Insecure HTTP Web Interface
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission...
CVE-2025-41708
CVE-2025-41708 involves cleartext transmission due to an insecure default configuration that uses HTTP for the web interface. An unauthenticated attacker on the same network could learn sensitive data during transmission. Connected documents reference affected products (e.g., Bender devices) but ...
CVE-2025-20287
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...
CVE-2025-20326
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...