Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-30702
CRITICAL CVSS 9.8
Find Similar
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, al
Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28.
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui Series Model(s) Ui12 and Ui16 Firmware v1.0.7x and v1.0.5x allows attackers to access Administrator cr
CVE-2024-13061
CRITICAL CVSS 9.8
Find Similar
The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens,
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series
Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authenticated attacker.
Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downgr
Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port.
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an a
CVE-2024-8234
CRITICAL CVSS 9.8
Find Similar
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(), formUpgradeCert(), and formDelcert() in the Zyxel NWA1100-N firmware version 1.00(AACE.1)C0 could allow
The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an
CVE-2025-44083
CRITICAL CVSS 9.8
Find Similar
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication
Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible for an authenticated attacker to access resources beyond webroot directory using a direct HTTP request
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without a
Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent acces
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or c
A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find_hwid/new_gui_update_firmware of the component Firmware Update Handler. Executing a manipulation of t