Lucene search
K

16830 matches found

CNNVD
CNNVD
added 2025/07/22 12:0 a.m.1 views

ELECOM WRC-BE36QS-B和ELECOM WRC-W701-B 操作系统命令注入漏洞

The ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B are both wireless routers from ELECOM Japan. The ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B suffer from an operating system command injection vulnerability that originates from OS command injection in the WebGUI, which could lead to the execution of...

8.6CVSS7.4AI score0.01051EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.4 views

DuraComm SPM-500 DP-10iN-100-MU 跨站脚本漏洞

The DuraComm SPM-500 DP-10iN-100-MU is a DC power distribution panel from DuraComm USA. A cross-site scripting vulnerability exists in the DuraComm SPM-500 DP-10iN-100-MU, which stems from susceptibility to cross-site scripting attacks that could prevent a legitimate user from accessing the web...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References3
NVD
NVD
added 2025/07/21 3:15 p.m.19 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

9.8CVSS0.00998EPSS
Exploits1References2
OSV
OSV
added 2025/07/21 3:15 p.m.5 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

9.8CVSS6.1AI score0.00998EPSS
Exploits1References2
CNVD
CNVD
added 2025/07/21 12:0 a.m.2 views

Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability

Cisco Unified Intelligence Center is a web-based reporting platform from Cisco that consolidates contact center data and provides visual reporting capabilities. An arbitrary file upload vulnerability exists in the Cisco Unified Intelligence Center web interface, which stems from a lack of file...

8.8CVSS7.9AI score0.0038EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/07/21 12:0 a.m.172 views

📄 Intelbras RX 1500 2.2.9 / RX 3000 1.0.11 IDOR / XSS

Intelbras routers RX 1500 version 2.2.9 and RX 3000 version 1.0.11 suffer from multiple cross site scripting and insecure direct object reference vulnerabilities. =====Tempest Security Intelligence========================================== Multiple vulnerabilities in the web management interface ...

9.8CVSS6.8AI score0.01156EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2025/07/21 12:0 a.m.3 views

CVE-2025-46120

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...

8AI score0.00998EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.6 views

The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, allows attackers to perform SRF attacks.

The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, stems from forged requests at the server side, resulting from...

5.8CVSS5.6AI score0.00323EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.6 views

The vulnerability in the software web interface for Juniper Networks Security Director allows a hacker to disclose protected information.

The vulnerability of the Juniper Networks Security Director software’s web interface for security policy management is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

9.6CVSS5.4AI score0.00373EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/07/20 10:15 a.m.5 views

CVE-2025-7881

A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...

5.1CVSS0.00282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/20 9:44 a.m.5 views

CVE-2025-7881 Mercusys MW301R Web Interface password recovery

A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...

5.1CVSS3.8AI score0.00282EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/20 9:44 a.m.16 views

CVE-2025-7881 Mercusys MW301R Web Interface password recovery

A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...

5.1CVSS0.00282EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.4 views

Mercusys MW301R 授权问题漏洞

The Mercusys MW301R is a router from the Chinese company Mercusys. An authorization issue vulnerability exists in Mercusys MW301R version 1.0.2 Build 190726 Rel.59423n, which stems from an incorrect manipulation of the parameter code in the Web Interface component leading to weak password recover...

5.1CVSS4.5AI score0.00282EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.13 views

PT-2025-30183 · Mercusys · Mercusys Mw301R

Name of the Vulnerable Software and Affected Versions: Mercusys MW301R version 1.0.2 Build 190726 Rel.59423n Description: A vulnerability exists in the Web Interface component of Mercusys MW301R. Manipulation of the code argument allows for weak password recovery, and the attack can be initiated...

5.1CVSS3.6AI score0.00282EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management tool allows a perpetrator to escalate their privileges and execute arbitrary code.

The vulnerability of the web interface for managing the software used to automate operations in Cisco Unified Contact Center Express Unified CCX is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to enhance their privileges and...

5.5CVSS5.8AI score0.00362EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.7 views

The vulnerability of the double-check function in the web interface of the microprogramming software for digital optical network systems Infinera G42, which allows a intruder to trigger a service failure.

The vulnerability of the double-check function in the web interface of the microprogramming software for digital optical network systems Infinera G42 is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.8CVSS5.5AI score0.00335EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.6 views

The vulnerability in the web interface of the microprogramming software for Digital Optical Network Systems Infinera G42 allows a intruder to gain unauthorized access to protected information.

The vulnerability of the web interface of Microprogramming Software for Digital Optical Network Systems Infinera G42 is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

7.8CVSS5.5AI score0.00488EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.23 views

The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management tool allows a attacker to carry out an XSS attack.

The vulnerability in the web interface for controlling the software used to automate operations in Cisco Unified Contact Center Express Unified CCX is related to the lack of protective measures taken for the web page structure. Exploiting this vulnerability allows a malicious actor to carry out X...

5.5CVSS5.4AI score0.00213EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/07/16 12:0 a.m.7 views

VulnCheck KEV: CVE-2023-20085

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to...

6.1CVSS6.1AI score0.00737EPSS
In wildExploits0References2
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

Digisol DG-GR6821AC Router 安全漏洞

Digisol DG-GR6821AC Router is a WiFi router from Digisol India. A security vulnerability exists in the Digisol DG-GR6821AC Router that originates in the explicit transmission of credentials in the web management interface, which could lead to a remote attacker intercepting network traffic to gain...

8.7CVSS6.9AI score0.00265EPSS
Exploits0References1
Rows per page
Query Builder