16830 matches found
ELECOM WRC-BE36QS-B和ELECOM WRC-W701-B 操作系统命令注入漏洞
The ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B are both wireless routers from ELECOM Japan. The ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B suffer from an operating system command injection vulnerability that originates from OS command injection in the WebGUI, which could lead to the execution of...
DuraComm SPM-500 DP-10iN-100-MU 跨站脚本漏洞
The DuraComm SPM-500 DP-10iN-100-MU is a DC power distribution panel from DuraComm USA. A cross-site scripting vulnerability exists in the DuraComm SPM-500 DP-10iN-100-MU, which stems from susceptibility to cross-site scripting attacks that could prevent a legitimate user from accessing the web...
CVE-2025-46120
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...
CVE-2025-46120
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...
Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability
Cisco Unified Intelligence Center is a web-based reporting platform from Cisco that consolidates contact center data and provides visual reporting capabilities. An arbitrary file upload vulnerability exists in the Cisco Unified Intelligence Center web interface, which stems from a lack of file...
📄 Intelbras RX 1500 2.2.9 / RX 3000 1.0.11 IDOR / XSS
Intelbras routers RX 1500 version 2.2.9 and RX 3000 version 1.0.11 suffer from multiple cross site scripting and insecure direct object reference vulnerabilities. =====Tempest Security Intelligence========================================== Multiple vulnerabilities in the web management interface ...
CVE-2025-46120
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.27 and 200.18.7.1.323, and in Ruckus ZoneDirector prior to 10.5.1.0.282, where a path-traversal flaw in the web interface lets the server execute attacker-supplied EJS templates outside permitted directories, allowing a...
The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, allows attackers to perform SRF attacks.
The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, stems from forged requests at the server side, resulting from...
The vulnerability in the software web interface for Juniper Networks Security Director allows a hacker to disclose protected information.
The vulnerability of the Juniper Networks Security Director software’s web interface for security policy management is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
CVE-2025-7881
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...
CVE-2025-7881 Mercusys MW301R Web Interface password recovery
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...
CVE-2025-7881 Mercusys MW301R Web Interface password recovery
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The...
Mercusys MW301R 授权问题漏洞
The Mercusys MW301R is a router from the Chinese company Mercusys. An authorization issue vulnerability exists in Mercusys MW301R version 1.0.2 Build 190726 Rel.59423n, which stems from an incorrect manipulation of the parameter code in the Web Interface component leading to weak password recover...
PT-2025-30183 · Mercusys · Mercusys Mw301R
Name of the Vulnerable Software and Affected Versions: Mercusys MW301R version 1.0.2 Build 190726 Rel.59423n Description: A vulnerability exists in the Web Interface component of Mercusys MW301R. Manipulation of the code argument allows for weak password recovery, and the attack can be initiated...
The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management tool allows a perpetrator to escalate their privileges and execute arbitrary code.
The vulnerability of the web interface for managing the software used to automate operations in Cisco Unified Contact Center Express Unified CCX is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to enhance their privileges and...
The vulnerability of the double-check function in the web interface of the microprogramming software for digital optical network systems Infinera G42, which allows a intruder to trigger a service failure.
The vulnerability of the double-check function in the web interface of the microprogramming software for digital optical network systems Infinera G42 is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability in the web interface of the microprogramming software for Digital Optical Network Systems Infinera G42 allows a intruder to gain unauthorized access to protected information.
The vulnerability of the web interface of Microprogramming Software for Digital Optical Network Systems Infinera G42 is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...
The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management tool allows a attacker to carry out an XSS attack.
The vulnerability in the web interface for controlling the software used to automate operations in Cisco Unified Contact Center Express Unified CCX is related to the lack of protective measures taken for the web page structure. Exploiting this vulnerability allows a malicious actor to carry out X...
VulnCheck KEV: CVE-2023-20085
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to...
Digisol DG-GR6821AC Router 安全漏洞
Digisol DG-GR6821AC Router is a WiFi router from Digisol India. A security vulnerability exists in the Digisol DG-GR6821AC Router that originates in the explicit transmission of credentials in the web management interface, which could lead to a remote attacker intercepting network traffic to gain...