Skip to main content
CVE-2015-0936 CRITICAL POC THREAT Emergency

Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.3%.

Information Disclosure Fibeair Ip 10 Firmware
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
86.3%
Threat
6.0
CVE-2015-5473 CRITICAL Emergency

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 46.9% and no vendor patch available.

Path Traversal Samsung RCE Syncthru 6
NVD
CVSS 3.0
9.8
EPSS
46.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy