Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-26010
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.
CVE-2025-26011
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.
CVE-2025-26003
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest.
CVE-2025-26006
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.
CVE-2025-26005
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.
CVE-2025-26002
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.
CVE-2025-26008
CRITICAL CVSS 9.8
Find Similar
In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.
Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.
CVE-2025-26007
CRITICAL CVSS 9.8
Find Similar
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hos
CVE-2025-13184
CRITICAL CVSS 9.8
Find Similar
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369_B20230113 (arbitrary command execution)
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing req
Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and possibly other versions allows unauthenticated attackers to change the administrator password via a crafted POST request to sysAccess.asp. This allows
CVE-2017-20223
CRITICAL CVSS 9.3
Find Similar
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating
CVE-2026-35904
CRITICAL CVSS 9.8
Find Similar
Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via s
CVE-2025-63207
CRITICAL CVSS 9.8
Find Similar
The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication checks on the /_Passwd.html endpoint. An attacker ca
Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords.
Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remote attackers to perform unauthorized administrative actions by inducing logged-in
Page 1+ Next →