Papouch TME ethernet thermometer and TME multi: Temperature and humidity via ethernet both suffer from cross site request forgery, hardcoded backdoor super user accounts, and missing access controls.
f0ee50dfb9961307792f4a00e338a077ffcc384ad59b75c9c48148eb47af0af9
HP StoreEver MSL6480 Tape Library version 4.10 suffers from cross site request forgery, weak default credentials, and access control vulnerabilities.
8f08337957222b11d4c4a443649d9ff928174b1dd9235eb25bb284e0dc7cb01d
This Metasploit module exploits an authentication bypass vulnerability in Meteocontrol WEBLog (all models). This vulnerability allows extracting Administrator password for the device management portal.
b5a443a5fc418686d9d3ce0d8492afebd3f170b8a108d1cefb5fed42ef7ba2c7
Moxa MiiNePort suffers from cross site request forgery, weak credential management, and sensitive information protection vulnerabilities.
7ed488745e4d059d12d5ec837be93fd1917ea75cdbe335cca37b64e00022a474
Schneider Electric Building Operation Automation Server version 1.6.1.5000 suffers from OS command injection, weak credential management, and privilege escalation vulnerabilities.
f4f4f183bd0512baf741708e2db936118942d5fd0e8f508b8e54c0c983fad7d4
WAGO IO PLC versions 758-870 and 750-849 suffer from weak credential management, lack of privilege separation, insecure ftp configuration, and weak filesystem permissions.
265cf836fd5bdb1c9a761033ead4a4c5910c3662908c88aa5076eb097dc54122
GE Industrial Solutions UPS SNMP adapter suffers from command injection and clear-text storage of sensitive information.
6461ea7f02e3828661f5f2c2334de5bdf1c58395f13ec5505a1d5449063ddf8a
D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities.
bc547aa0033ab82aa8fde53becfd4db4431c4707fc91ae4fc5ab5866a936dbad
SeaWell Networks Spectrum SDC version 02.05.00 suffers from weak default credentials, path traversal, and privilege escalation vulnerabilities.
30b657b4143b625b275e364b5659fdb1d286a1649a39e9a64179c87750872c6c
eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.
db44f5340110e31d8969ebbbea39b66476ba340c324579db4a0c8e86da5eb756
Nordex Control 2 (NC2) SCADA version 16 suffers from a cross site scripting vulnerability.
e4b3732da6a42937ee4a23ae9d5562bb1a69144c16f5139060d53c7ef8a341f4
XZERES 442SR wind turbine suffers from a cross site scripting vulnerability.
1328aca548475d9704158e50bb0cf1d133388c98974314b228e040c479815ad9
LG Nortel ADSL modems with software version 3.04L.02V.sip._LE9500.dspApp3341A2pB022f.d19e suffer from authorization flaws, information disclosure, insecure configuration, and denial of service vulnerabilities.
07c137c52ba038e547265ff65850d81997d590daad3e58b85cea0d0e33cf7bb3
Brocade Fabric OS version 6.3.1b suffers from multiple weak system configuration issues that can result in system compromise. You actually have to go out of your way to break basic Linux security this badly.
86551b3c0d17766625527eb34a6c14cce252c358fd6840a5969038b4022df058
ZTE ADSL ZXV10 W300 modems suffer from insufficient authorization controls, information disclosure, and a backdoor account feature.
f638139811112ec6d7f34ff1e8acef146adf3549a65b832da61f1755c75c498d
ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.
2735f65d35edc3931a3eae6069d85013b997afb9f924b5865ac99b6d29c02f0f
Cambium ePMP 1000 suffers from a remote OS command injection and privilege escalation vulnerabilities.
f3f71e560f8ee614e20bf5956339837e20028c8d5053172f3eb99639d547b9e1
ZTE ADSL modems suffer from authorization bypass and information disclosure vulnerabilities.
c8cc58a9774ae52bb5d5fb84d55e5fcdfa1127e663889f344fa1a78b2eb1f858
netis RealTek routers with firmware version 2.1.1 suffer from cross site request forgery, backdoor accounts, and weak RBAC control vulnerabilities.
1405872cbefb8ad0515fc44e8e0836e72d1d1fa985cac7c55007bb96d1c5ab5a
PROLiNK H5004NK ADSL routers with firmware version R76S Slt 4WNE1 6.1R suffer from cross site request forgery, backdoor accounts, and weak RBAC control vulnerabilities.
bdc0083d8c236287aee441dabe95d1060e8583de5c8dd2092287038176f12c8e
ZyXEL PMG5318-B20A suffers from a command injection vulnerability via the ping function.
94cea261bcbad285c0fb3b4900f3ab8150b00219d6b41f9594444e04f13fdfd8
Netgear Voice Gateway with firmware version 2.3.0.23_2.3.23 suffers from command injection, insecurely configured passwords, and cross site scripting vulnerabilities.
d00b6ccc7243ec76c13b6752206ecb24b7616afd8ccc5b5e94771fa108ece86e
F5 BigIP version 10.2.4 Build 595.0 Hotfix HF3 suffers from a path traversal vulnerability.
ab0a3042d4334bb2c87d36fda9fec448e92ffbf6fe5472e790e037e320a7c8a7
PIXORD Vehicle 3G Wi-Fi Router suffers from OS command injection, information disclosure, and various other vulnerabilities.
03ad30f1f842d6ddf4697f5efd5ca3278bb8272bd2d539ab9c4945bec0b34bfa
D-Link DIR-300 suffers from an administratively inflicted cross site scripting vulnerability.
43ead2a034ace5b0279515fb18d840f04a18174a3904b1181ab7f3d9d99a30a3