Lucene search
+L

4 matches found

nvd
nvd
added 2025/12/10 9:16 p.m.8 views

CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

7.5CVSS0.00322EPSS
Exploits0References2
cve
cve
added 2025/12/10 12:0 a.m.19 views

CVE-2025-65821

The CVE-2025-65821 entry concerns the ESP32 chip where UART download mode remains enabled. The vulnerability affects the UART download mechanism that can be exploited to dump the device flash, exposing sensitive data stored in the NVS partition (e.g., current and prior Wi‑Fi network details) and ...

7.5CVSS6.2AI score0.00322EPSS
Exploits0References2Affected Software1
packetstorm
packetstorm
added 2024/08/31 12:0 a.m.225 views

Netgear Unauthenticated SOAP Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear Unauthenticated SOAP Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in different...

7.4AI score
Exploits0
osv
osv
added 2020/05/18 4:15 p.m.6 views

CVE-2020-11550

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitra...

6.5CVSS7AI score0.01568EPSS
Exploits1References3
Rows per page
Query Builder