Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.