Skip to main content
CVE-2020-8088 CRITICAL POC Act Now

panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Usebb
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-8087 CRITICAL POC Act Now

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D3G0804W Firmware
NVD
CVSS 3.1
9.8
EPSS
6.3%
CVE-2020-8001 CRITICAL POC Act Now

The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Aptus
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-8000 CRITICAL POC Act Now

Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Aptus Web
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2020-7999 CRITICAL POC Act Now

The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Aptus
NVD
CVSS 3.1
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy