CVE ID :CVE-2026-22312 Published : June 16, 2026, 8:16 p.m. | 52 minutes ago Description :The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-22312 - Use of Hard-coded Credentials Vulnerability in Radiflow iSAP Smart Collector

VERWANDTEARTIKEL

CISA warnt vor aktiv ausgenutzter cPanel-Schwachstelle in LiteSpeed-Plugin

CVE-2026-25470 - WordPress ACPT (Pro) - Custom Post Types plugin for WordPress plugin <= 2.0.47 - Remote Code Execution (RCE) vulnerability

CVE-2026-39598 - WordPress Academy LMS Pro plugin < 3.5.2 - Arbitrary File Upload vulnerability

CVE-2026-49073 - WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

CVE-2026-11409 - OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N

CVE-2026-11410 - OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N