Credential Stuffing

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-29128 CRITICAL POC Act Now

Plaintext daemon credentials in IDC SFX2100 routing config files (zebra, bgpd, ospfd, ripd). CVSS 10.0. PoC available.

IoT Bgp Privilege Escalation Information Disclosure Credential Stuffing +2
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2025-28389 CRITICAL POC Act Now

Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.

Authentication Bypass Brute Force Credential Stuffing Cosmos
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-29128
EPSS 0% CVSS 10.0
CRITICAL POC Act Now

Plaintext daemon credentials in IDC SFX2100 routing config files (zebra, bgpd, ospfd, ripd). CVSS 10.0. PoC available.

IoT Bgp Privilege Escalation +4
NVD
CVE-2025-28389
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.

Authentication Bypass Brute Force Credential Stuffing +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy