EUVD-2018-21880

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

CVE-2018-25358

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

D-Link DIR-601 安全漏洞

The D-Link DIR-601 is a home wireless router produced by D-Link Corporation. The D-Link DIR-601 2.02NA version has a security vulnerability. This vulnerability arises from manipulating the tablename parameter in POST requests, which may allow unauthenticated attackers to retrieve sensitive...

EUVD-2026-14419

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files...

CVE-2026-31850

CVE-2026-31850 affects Nexxt Solutions Nebula 300+ firmware up to 12.01.01.37. The vulnerability arises because administrative credentials and WiFi pre‑shared keys are stored in plaintext inside exported configuration backup files, enabling exposure if backups are accessed. CVSS 4.0 base score 6....

PT-2026-27117

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files...

EUVD-2019-19376

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

CVE-2019-25227

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

CVE-2019-25227 Tellion HN-2204AP Unauthenticated Configuration Disclosure

Tellion HN-2204AP routers contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/systemconfigfile management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration...

PT-2025-48191

Name of the Vulnerable Software and Affected Versions Tellion HN-2204AP routers affected versions not specified Description Tellion HN-2204AP routers have an issue where the /cgi-bin/system config file management endpoint allows remote retrieval of a compressed configuration archive without...

EUVD-2015-3983

Malware in sbrugna...

EUVD-2015-1156

Malware in sbrugna...

CVE-2013-1594

An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text...

Information disclosure

An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text...

CVE-2013-1594

An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text...

CVE-2013-1594

Vivotek PT7135 IP cameras with firmware 0300a/0400a are affected by CVE-2013-1594 and related vulnerabilities involving information leakage via GET requests. CoreLabs describes that wireless keys and third‑party credentials are stored in clear text (FTP, share, SMTP, WEP/WPA keys, DynDNS, etc.), ...

Design/Logic Flaw

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

CVE-2015-1012

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

Authorization

Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...