16828 matches found
CVE-2025-33023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...
CVE-2025-33023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...
PT-2025-32878 · Fortinet · Fortisoar
Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 6.4 through 7.6.1 Description: An improper neutralization of input during web page generation 'cross-site scripting' exists. The web interface may allow an authenticated remote attacker to perform a cross-site scripting XSS...
PT-2025-32649 · Unknown · Ruggedcom Rox Mx5000 +8
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM ROX MX5000 affected versions not specified RUGGEDCOM ROX MX5000RE affected versions not specified RUGGEDCOM ROX RX1400 affected versions not specified RUGGEDCOM ROX RX1500 affected versions not specified RUGGEDCOM ROX RX1501 affecte...
Siemens RUGGEDCOM ROX II
SUMMARY RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the...
Linux Distros Unpatched Vulnerability : CVE-2017-15092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to gain unauthorized access to protected information and perform cross-site scripting attacks.
The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform relates to the lack of protective measures for the website structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan (GIS GMPl) stems from errors in the logic of the web application’s operation. This vulnerability allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan GIS GMPl is related to errors in the logic of the web application’s operation. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthoriz...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to access and modify data.
The vulnerability of the Cisco Identity Services Engine ISE’s web management interface is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain access and modify data by sending a specially crafted HTTP request...
Belkin F9K1009 / F9K1010 Authentication Bypass
This repository contains a exploit for CVE‑2025‑8730, a critical Authentication Bypass vulnerability affecting the web interface of Belkin F9K1009 and F9K1010 routers. The flaw lies in the session validation logic of the /login.htm file, where improperly handled cookies or crafted requests allow...
The vulnerability in the web interface for managing the Cisco Unified Intelligence Center reporting software and the Cisco Unified Contact Center Express operator automation software allows a malicious individual to execute arbitrary commands and increase their privileges.
The vulnerability in the web interface for creating reports using the Cisco Unified Intelligence Center and the Cisco Unified Contact Center Express software lies in the unlimited download of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and...
CVE-2025-8730
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...
Exploit for Out-of-bounds Write in Cypress Cyw20735_Firmware
This repository is an offensive tool for firmware emulation and fuzzing. It provides a virtual environment to fuzz wireless firmwares, allowing for the extraction of their current state and re-execution in a virtual environment for fuzzing. The tool is currently optimized for the CYW20735 Bluetoo...
CVE-2025-20332
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This vulnerability is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this...
CVE-2025-8284
By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...
CVE-2025-8284 Packet Power EMX and EG Missing Authentication for Critical Function
By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...
CVE-2025-8284 Packet Power EMX and EG Missing Authentication for Critical Function
By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions...
CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...
CVE-2025-8730 Belkin F9K1009/F9K1010 Web Interface hard-coded credentials
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...
EUVD-2025-23988
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been...