header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

The Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized administrative access by manipulating the set_pwd endpoint to overwrite user passwords within the system. This exploit compromises the security of the device's system.

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

The Elber Reble610 device is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized and administrative access to protected areas of the application. This vulnerability occurs due to a flaw in the password management functionality, specifically in the set_pwd endpoint, which can be manipulated by attackers to overwrite the password of any user within the system.

Elber Signum DVB-S/S2 IRD Authentication Bypass

The Elber Signum DVB-S/S2 IRD device is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized access by manipulating the set_pwd endpoint to overwrite user passwords and access protected areas of the application.

Flowise 1.6.5 – Authentication Bypass

Flowise version 1.6.5 and below is susceptible to an authentication bypass vulnerability. By modifying the endpoint paths to uppercase, such as /API/V1 instead of /api/v1, an attacker can bypass the authentication process. This issue is due to the lack of case sensitivity in the code snippet responsible for authentication middleware.

Positron Broadcast Signal Processor TRA7005 v1.20 – Authentication Bypass

The Positron Broadcast Digital Signal Processor TRA7005 is vulnerable to an authentication bypass that allows attackers to gain unauthorized access to protected areas of the application by manipulating the password management functionality. By exploiting this vulnerability, attackers can bypass Digest authentication, set a user's password to any value, or even remove it completely.

Electrolink FM/DAB/TV Transmitter Remote Authentication Bypass

An attacker can bypass authentication on Electrolink FM/DAB/TV Transmitter devices due to a lack of proper authentication mechanisms. This vulnerability affects various models and versions of Electrolink transmitters, allowing unauthorized access to the devices.

GLiNet Router Authentication Bypass Vulnerability

CVE-2023-46453 is a remote authentication bypass vulnerability in GLiNet routers with firmware versions 4.x and above. The vulnerability allows an attacker to bypass authentication and access the router's web interface by exploiting a lack of proper authentication checks in the /usr/sbin/gl-ngx-session file.

Cisco Firepower Management Center Authentication Bypass

The Cisco Firepower Management Center (FMC) versions 6.2.3.18, 6.4.0.16, and 6.6.7.1 are vulnerable to an authentication bypass vulnerability. An attacker can exploit this issue to gain unauthorized access to the FMC web services interface without proper authentication. This vulnerability has been assigned CVE-2023-20048.

Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass

Electrolink FM/DAB/TV Transmitter products are prone to an Authentication Bypass vulnerability. Attackers can bypass authentication mechanisms by manipulating login cookies, gaining unauthorized access to the transmitter systems. This issue affects various versions of the transmitters, including Compact DAB Transmitters, Medium DAB Transmitters, High Power DAB Transmitters, Compact FM Transmitters, Modular FM Transmitters, Digital FM Transmitters, VHF TV Transmitters, and UHF TV Transmitters.

Electrolink FM/DAB/TV Transmitter Remote Authentication Removal

The Electrolink FM/DAB/TV Transmitter devices are prone to an authentication bypass vulnerability. This issue allows remote attackers to access the devices without proper authentication, potentially leading to unauthorized control or access to sensitive information. This vulnerability has been assigned CVE-XXXXX.

Recent Exploits: