Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-57573
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
CVE-2025-43884
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-09-10
CVE-2025-29592
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVSS Score
5.6
EPSS Score
0.001
Published
2025-09-10
CVE-2025-56466
Hardcoded credentials in Dietly v1.25.0 for android allows attackers to gain sensitive information.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56404
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56405
An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized attackers to control the target's MCP service through the SSE protocol.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56413
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-09-10
CVE-2025-10231
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that, in the right circumstances, can allow a local low-level user to run commands with elevated permissions.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-09-10
CVE-2025-10223
Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved