Skip to main content
CVE-2025-22939 CRITICAL POC THREAT Emergency

A command injection vulnerability in the telnet service of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.2%.

Command Injection 411 Firmware
NVD
CVSS 3.1
9.8
EPSS
18.2%
CVE-2025-22941 CRITICAL POC THREAT Emergency

A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Command Injection 411 Firmware
NVD
CVSS 3.1
9.8
EPSS
14.3%
CVE-2024-54804 CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
10.2%
CVE-2024-54803 CRITICAL POC THREAT Emergency

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
10.2%
CVE-2024-54807 CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2024-54805 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Command Injection Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2024-54806 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Netgear Code Injection Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-54808 CRITICAL POC Act Now

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow RCE Stack Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-54802 CRITICAL POC Act Now

In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Buffer Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-22938 CRITICAL POC Act Now

Adtran 411 ONT L80.00.0011.M2 was discovered to contain weak default passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 411 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-54809 CRITICAL POC Act Now

Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Buffer Overflow Stack Overflow Wnr854T Firmware
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-30223 CRITICAL POC PATCH Act Now

Beego is an open-source web framework for the Go programming language. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Beego Suse
NVD GitHub
CVSS 3.1
9.3
EPSS
0.3%
CVE-2025-22940 CRITICAL POC Act Now

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to arbitrarily set the admin password. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass 411 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2025-2071 CRITICAL Act Now

A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Authentication Bypass
NVD
CVSS 4.0
10.0
EPSS
1.7%
CVE-2025-24237 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2025-24264 CRITICAL PATCH Act Now

The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2025-30457 CRITICAL Act Now

This issue was addressed with improved validation of symlinks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-24266 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2025-30426 CRITICAL Act Now

This issue was addressed with additional entitlement checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-24230 CRITICAL Act Now

An out-of-bounds read issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apple
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-24211 CRITICAL Act Now

This issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-24190 CRITICAL Act Now

The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-26689 CRITICAL Act Now

Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-24238 CRITICAL Act Now

A logic issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-31183 CRITICAL Act Now

The issue was addressed with improved restriction of data container access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-30452 CRITICAL Act Now

The issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-30424 CRITICAL Act Now

A logging issue was addressed with improved data redaction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24273 CRITICAL Act Now

An out-of-bounds write issue was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Memory Corruption Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24265 CRITICAL Act Now

An out-of-bounds read was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apple
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24260 CRITICAL Act Now

The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24256 CRITICAL Act Now

The issue was addressed with improved bounds checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apple
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24253 CRITICAL Act Now

This issue was addressed with improved handling of symlinks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24250 CRITICAL Act Now

This issue was addressed with improved access restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24247 CRITICAL Act Now

A type confusion issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24246 CRITICAL Act Now

An injection issue was addressed with improved validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24232 CRITICAL Act Now

This issue was addressed through improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24231 CRITICAL Act Now

The issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Memory Corruption Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-31182 CRITICAL Act Now

This issue was addressed with improved handling of symlinks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24249 CRITICAL Act Now

A permissions issue was addressed with additional sandbox restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24233 CRITICAL Act Now

A permissions issue was addressed with additional restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24207 CRITICAL Act Now

A permissions issue was addressed with additional restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24181 CRITICAL Act Now

A permissions issue was addressed with additional restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24178 CRITICAL Act Now

This issue was addressed through improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-24195 CRITICAL Act Now

An integer overflow was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-24167 CRITICAL Act Now

This issue was addressed through improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-30433 CRITICAL Act Now

This issue was addressed with improved access restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-24259 CRITICAL Act Now

This issue was addressed with additional entitlement checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-24241 CRITICAL Act Now

A configuration issue was addressed with additional restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-30444 CRITICAL Act Now

A race condition was addressed with improved locking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Race Condition
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-30458 CRITICAL Act Now

A permissions issue was addressed with additional restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apple macOS
NVD
CVSS 3.1
9.8
EPSS
0.5%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy