Availability disruption in the H3C GR2200 router (firmware MiniGR1A0V100R016) arises because its bundled bftpd FTP daemon ships with USERLIMIT_GLOBAL set to 0 in /etc/bftpd.conf, imposing no ceiling on concurrent FTP sessions. Remote attackers can open large numbers of simultaneous connections to exhaust device sockets, memory, and CPU, degrading or crashing the FTP service and potentially the router itself. A public technical writeup exists and EPSS is modest (0.52%, 40th percentile); there is no public exploit identified beyond that writeup and no evidence of active exploitation (not listed in CISA KEV).
Uncontrolled resource consumption in the TRENDnet TPL-430AP powerline access point (firmware FW1.0) stems from its bundled bftpd FTP daemon shipping with USERLIMIT_GLOBAL=0, which imposes no cap on concurrent connections. A remote attacker can open unlimited simultaneous FTP sessions to exhaust device memory and connection resources, rendering the access point unresponsive (availability-only impact, no data compromise). No public exploit code has been confirmed, though a researcher gist and writeup describing the issue exist; EPSS risk is modest at 0.52% and the CVE is not listed in CISA KEV.
Cleartext identity exposure in the TRENDnet TEW-WLC100P wireless controller (firmware 2.03b03) stems from its bundled racoon IKE daemon shipping with aggressive mode as the first exchange_mode entry. Because IKE Phase 1 aggressive mode transmits identity payloads in plaintext and sends a hash of the pre-shared key that can be captured, any party observing or initiating a negotiation can harvest identities and mount offline dictionary attacks against the PSK. No public exploit identified at time of analysis and the EPSS probability is low (0.27%, 19th percentile), consistent with a configuration-hardening weakness rather than a mass-exploited flaw.
Sensitive constant disclosure in PAVO Inc.'s PAVO Pay (versions before 13.05.2025) allows remote attackers to extract hard-coded credentials embedded in the application binary, undermining authentication controls for the payment platform. The CVSS 7.5 score reflects high confidentiality impact with no required privileges or user interaction, though EPSS at 0.27% suggests limited mass exploitation interest and no public exploit identified at time of analysis. The disclosure originated from Turkey's national CERT (USOM), indicating a coordinated vendor advisory.
Authorization bypass in PAVO Inc. PAVO Pay (versions before 13.05.2025) allows remote unauthenticated attackers to access sensitive data by manipulating user-controlled identifiers (IDOR pattern). The flaw, mapped to CWE-639, enables exploitation of trusted identifiers without authentication and has no public exploit identified at time of analysis, with EPSS rating exploitation likelihood at 0.27%.
Information disclosure in Turtek Software's Eyotek product (versions before 11.03.2025) allows remote unauthenticated attackers to access other users' data by manipulating user-controlled identifiers (IDOR-class flaw). The CVSS 7.5 score reflects high confidentiality impact with no integrity or availability impact, and no public exploit identified at time of analysis. The flaw was reported by Turkey's national CERT (USOM) and tracked under advisory TR-25-0163.
Pre-Shared Key hash disclosure affects the TRENDnet TEW-WLC100P wireless LAN controller running firmware 2.03b03, whose bundled strongSwan configuration ships with the i_dont_care_about_security_and_use_aggressive_mode_psk option enabled by default. Because the IKE responder accepts IKEv1 Aggressive Mode with PSK, it transmits the PSK hash in the clear during negotiation, letting a network-positioned attacker capture it and mount an offline dictionary/brute-force crack to recover the VPN pre-shared secret. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS is low (0.36%), reflecting an information-disclosure weakness rather than direct remote code execution.
Privilege escalation in Turpak Automatic Station Monitoring System versions prior to 5.0.6.51 allows authenticated remote attackers to bypass authorization controls by manipulating user-controlled keys (IDOR-style flaw). Authenticated low-privilege users can access or modify resources belonging to other accounts, including potentially higher-privileged ones. EPSS scores exploitation likelihood at 0.19% (41st percentile) and no public exploit identified at time of analysis.