Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-57571
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
CVE-2025-57572
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
CVE-2025-57573
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
CVE-2025-43884
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-09-10
CVE-2025-29592
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVSS Score
5.6
EPSS Score
0.001
Published
2025-09-10
CVE-2025-56404
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56405
An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized attackers to control the target's MCP service through the SSE protocol.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
CVE-2025-56413
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-09-10
CVE-2025-10231
An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that, in the right circumstances, can allow a local low-level user to run commands with elevated permissions.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-09-10
CVE-2025-58447
rAthena is an open-source cross-platform massively multiplayer online role playing game (MMORPG) server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted `CA_SSO_LOGIN_REQ` with an oversized token length. This leads to immediate denial of service (crash) and it is possible to achieve remote code execution via heap corruption. Commit 2f5248b fixes the issue.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved