Hard-coded root credentials in FNKvision Y215 CCTV Camera firmware (version 10.194.120.40) allow local authenticated attackers with low privileges to escalate to root access, achieving complete system compromise. Public exploit code demonstrates credential extraction from firmware binaries. EPSS score of 0.01% (2nd percentile) indicates minimal observed scanning activity despite public POC availability, likely due to the local access requirement limiting remote mass exploitation. CISA KEV does not list this CVE, suggesting no confirmed widespread active exploitation targeting these IoT cameras.
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Belkin AX1800 1.1.00.016. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.