This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the plaintext transmission of login credentials during the initial login or post-fact
An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attackers to perform arbitrary configuration changes without prov
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protec
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory
An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The /cgi-bin/luci/admin/opsw/Dual_freq_un_apple endpoint is vulnerable to command injecti
This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the use of login credentials as the session ID through its web-based administrative i
Information disclosure of authentication information in the specific service vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the
Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access.
U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a seri
Improper access control vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9
and prior, enables an unauthenticated remote attacker to
Active debug code vulnerability exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain or alte
Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.
Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint.
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) v
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to the
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or c
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default Wi-Fi PSK valu