CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

157 matches found

Exploit DB•added 2026/05/29 12:0 a.m.•48 views

ZTE H298A / H108N - Unauthenticated Credential Exposure

Exploit Title: ZTE H298A / H108N - Unauthenticated Credential Exposure via ETHCheat Parameter Date: 2026-05-20 Exploit Author: Mina Nageh Salalma Monx Research Vendor Homepage: https://www.zte.com.cn Software Link:...

7.5CVSS5.8AI score0.01615EPSS

Exploits3

Tenable Nessus•added 2026/05/21 12:0 a.m.•5 views

FreeBSD : FreeBSD -- Remote code execution via installer Wi-Fi access point scans (039c0ab0-54b7-11f1-8d7a-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 039c0ab0-54b7-11f1-8d7a-bc241121aa0a advisory. When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of...

7.5CVSS6AI score0.00014EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в wpa

The implementation of PEAP in wpasupplicant through version 2.10 allows for authentication bypass. To successfully carry out this attack, wpasupplicant must be configured to not verify the network’s TLS certificate during Phase 1 authentication. Additionally, the eappepeapdecrypt vulnerability ca...

6.5CVSS6.9AI score0.0417EPSS

Exploits0References2

ATTACKERKB•added 2026/02/27 12:58 a.m.•2 views

CVE-2026-25196

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the Wi-Fi SSID and/or password fields can lead to remote code execution when the configuration is...

8.8CVSS6.4AI score0.00043EPSS

Exploits0References4

ATTACKERKB•added 2026/02/03 10:1 p.m.•3 views

CVE-2020-37093

Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...

8.7CVSS5.4AI score0.0007EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/02/03 12:0 a.m.•4 views

PT-2026-5846

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.13 Description The Edimax EW-7438RPn version 1.13 contains a flaw that allows disclosure of WiFi network configuration details. An attacker can access the wlencrypt wiz.asp file to retrieve sensitive information,...

8.7CVSS5.5AI score0.00072EPSS

Exploits1References5

RedhatCVE•added 2026/01/09 9:58 a.m.•5 views

CVE-2020-7249

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...

4.8CVSS6AI score0.00323EPSS

Exploits1References1

EUVD•added 2025/12/10 9:31 p.m.•2 views

EUVD-2025-202624

The ESP32 system on a chip SoC that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device's firmware with malicious code which will be...

6.3AI score0.00031EPSS

Exploits0References3

NVD•added 2025/12/10 9:16 p.m.•3 views

CVE-2025-65822

6.8CVSS0.00031EPSS

Exploits0References2

Positive Technologies•added 2025/12/10 12:0 a.m.•4 views

PT-2025-50496

Name of the Vulnerable Software and Affected Versions ESP32 affected versions not specified Description An enabled UART download mode on the ESP32 chip allows an attacker to extract sensitive data from the flash memory, including Wi-Fi network details stored in the NVS partition. This access also...

7.5CVSS6.2AI score0.00043EPSS

Exploits0References8

RedHat Linux•added 2025/12/09 11:59 a.m.•10 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS6.6AI score0.0006EPSS

Exploits1References8

Cvelist•added 2025/11/17 12:0 a.m.•6 views

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

0.00008EPSS

Exploits1References2

CVE•added 2025/11/17 12:0 a.m.•12 views

CVE-2025-63292

CVE-2025-63292 affects Freebox v5 HD (firmware 1.7.20), Freebox v5 Crystal (1.7.20), Freebox v6 Révolution r1–r3 (4.7.x), Freebox Mini 4K (4.7.x), and Freebox One (4.7.x). The root issue is that during the initial phase of EAP-SIM over the FreeWifi_secure network, the subscriber’s full NAI (embed...

3.5CVSS7AI score0.00008EPSS

Exploits1References2Affected Software1

Cvelist•added 2025/10/22 12:0 a.m.•7 views

CVE-2025-60341

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

0.00114EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2011-1058

Malware in sbrugna...

4.3CVSS6.4AI score0.00686EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-26128

Malware in sbrugna...

7.8CVSS7.7AI score0.00056EPSS

Exploits0References2