Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-30140
An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive information disclosure and potential remote administrative access.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70037
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-03-09
CVE-2025-70060
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-09
CVE-2025-70042
An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70046
An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70047
An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
CVE-2025-70048
An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-09
CVE-2025-70050
An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved