CWE-489
AllowedActive Debug Code
Abstraction: Base · Status: Draft
The product is released with debugging code still enabled or active.
141 vulnerabilities reference this CWE, most recent first.
CVE-2020-5763 (GCVE-0-2020-5763)
Vulnerability from cvelistv5 – Published: 2020-07-29 18:51 – Updated: 2024-08-04 08:39| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2020-43 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2020-47 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Grandstream HT800 Series |
Affected:
Versions 1.0.17.5 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2020-43"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2020-47"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Grandstream HT800 Series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions 1.0.17.5 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-29T19:06:11.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2020-43"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2020-47"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2020-5763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grandstream HT800 Series",
"version": {
"version_data": [
{
"version_value": "Versions 1.0.17.5 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2020-43",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2020-43"
},
{
"name": "https://www.tenable.com/security/research/tra-2020-47",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2020-47"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2020-5763",
"datePublished": "2020-07-29T18:51:50.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5756 (GCVE-0-2020-5756)
Vulnerability from cvelistv5 – Published: 2020-07-17 20:16 – Updated: 2024-08-04 08:39| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2020-41 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable | Grandstream GWN7000 |
Affected:
Versions 1.0.9.4 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2020-41"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Grandstream GWN7000",
"vendor": "Tenable",
"versions": [
{
"status": "affected",
"version": "Versions 1.0.9.4 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system\u0027s crontab via undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T20:16:27.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/research/tra-2020-41"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2020-5756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grandstream GWN7000",
"version": {
"version_data": [
{
"version_value": "Versions 1.0.9.4 and below"
}
]
}
}
]
},
"vendor_name": "Tenable"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system\u0027s crontab via undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2020-41",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/research/tra-2020-41"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2020-5756",
"datePublished": "2020-07-17T20:16:27.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10939 (GCVE-0-2019-10939)
Vulnerability from cvelistv5 – Published: 2020-04-14 19:50 – Updated: 2024-08-04 22:40- CWE-489 - Active Debug Code
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens AG | TIM 3V-IE (incl. SIPLUS NET variants) |
Affected:
All versions < V2.8
|
|
| Siemens AG | TIM 3V-IE Advanced (incl. SIPLUS NET variants) |
Affected:
All versions < V2.8
|
|
| Siemens AG | TIM 3V-IE DNP3 (incl. SIPLUS NET variants) |
Affected:
All versions < V3.3
|
|
| Siemens AG | TIM 4R-IE (incl. SIPLUS NET variants) |
Affected:
All versions < V2.8
|
|
| Siemens AG | TIM 4R-IE DNP3 (incl. SIPLUS NET variants) |
Affected:
All versions < V3.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-359303.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TIM 3V-IE (incl. SIPLUS NET variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8"
}
]
},
{
"product": "TIM 3V-IE Advanced (incl. SIPLUS NET variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8"
}
]
},
{
"product": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"product": "TIM 4R-IE (incl. SIPLUS NET variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8"
}
]
},
{
"product": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants)",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.3). The affected versions contain an open debug port that is available under certain specific conditions. The vulnerability is only available if the IP address is configured to 192.168.1.2. If available, the debug port could be exploited by an attacker with network access to the device. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489: Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-14T19:50:54.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-359303.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TIM 3V-IE (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8"
}
]
}
},
{
"product_name": "TIM 3V-IE Advanced (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8"
}
]
}
},
{
"product_name": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.3"
}
]
}
},
{
"product_name": "TIM 4R-IE (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8"
}
]
}
},
{
"product_name": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.3"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.8), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.3). The affected versions contain an open debug port that is available under certain specific conditions. The vulnerability is only available if the IP address is configured to 192.168.1.2. If available, the debug port could be exploited by an attacker with network access to the device. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489: Active Debug Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-359303.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-359303.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10939",
"datePublished": "2020-04-14T19:50:54.000Z",
"dateReserved": "2019-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:40:15.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5454 (GCVE-0-2018-5454)
Vulnerability from cvelistv5 – Published: 2018-03-26 14:00 – Updated: 2024-09-16 16:57- CWE-489 - LEFTOVER DEBUG CODE CWE-489
| URL | Tags |
|---|---|
| https://www.usa.philips.com/healthcare/about/cust… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/103182 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Philips | Philips IntelliSpace Portal |
Affected:
8.0.x
Affected: 7.0.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"name": "103182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103182"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Philips IntelliSpace Portal",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "7.0.x"
}
]
}
],
"datePublic": "2018-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "LEFTOVER DEBUG CODE CWE-489",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-27T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"name": "103182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103182"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-02-27T00:00:00",
"ID": "CVE-2018-5454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Philips IntelliSpace Portal",
"version": {
"version_data": [
{
"version_value": "8.0.x"
},
{
"version_value": "7.0.x"
}
]
}
}
]
},
"vendor_name": "Philips"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "LEFTOVER DEBUG CODE CWE-489"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
"refsource": "CONFIRM",
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"name": "103182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103182"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-5454",
"datePublished": "2018-03-26T14:00:00.000Z",
"dateReserved": "2018-01-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:57:42.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5259 (GCVE-0-2017-5259)
Vulnerability from cvelistv5 – Published: 2017-12-20 22:00 – Updated: 2024-08-05 14:55- CWE-489 - (Leftover Debug Code)
| URL | Tags |
|---|---|
| https://blog.rapid7.com/2017/12/19/r7-2017-25-cam… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Cambium Networks | cnPilot |
Affected:
4.3.2-R4 and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cnPilot",
"vendor": "Cambium Networks",
"versions": [
{
"status": "affected",
"version": "4.3.2-R4 and prior"
}
]
}
],
"datePublic": "2017-12-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://\u003cdevice-ip-or-hostname\u003e/adm/syscmd.asp."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489 (Leftover Debug Code)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-20T21:57:01.000Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"ID": "CVE-2017-5259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cnPilot",
"version": {
"version_data": [
{
"version_value": "4.3.2-R4 and prior"
}
]
}
}
]
},
"vendor_name": "Cambium Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://\u003cdevice-ip-or-hostname\u003e/adm/syscmd.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489 (Leftover Debug Code)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2017-5259",
"datePublished": "2017-12-20T22:00:00.000Z",
"dateReserved": "2017-01-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:35.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-23G2-F757-4428
Vulnerability from github – Published: 2025-10-25 00:30 – Updated: 2025-10-25 00:30An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command.
This issue affects Fireware OS: from 12.0 before 12.11.2.
{
"affected": [],
"aliases": [
"CVE-2025-4106"
],
"database_specific": {
"cwe_ids": [
"CWE-489"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-24T22:15:40Z",
"severity": "HIGH"
},
"details": "An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command.\n\n\n\nThis issue affects Fireware OS: from 12.0 before 12.11.2.",
"id": "GHSA-23g2-f757-4428",
"modified": "2025-10-25T00:30:39Z",
"published": "2025-10-25T00:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4106"
},
{
"type": "WEB",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00010"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-26GH-5QF3-P3Q4
Vulnerability from github – Published: 2024-05-15 21:31 – Updated: 2024-05-15 21:31Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server.
{
"affected": [],
"aliases": [
"CVE-2024-32047"
],
"database_specific": {
"cwe_ids": [
"CWE-489"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-15T20:15:12Z",
"severity": "CRITICAL"
},
"details": "Hard-coded credentials for the \nCyberPower PowerPanel test server can be found in the \nproduction code. This might result in an attacker gaining access to the \ntesting or production server.",
"id": "GHSA-26gh-5qf3-p3q4",
"modified": "2024-05-15T21:31:25Z",
"published": "2024-05-15T21:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32047"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01"
},
{
"type": "WEB",
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-29R3-8MG2-RXQP
Vulnerability from github – Published: 2022-07-05 00:00 – Updated: 2022-07-16 00:00Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.
{
"affected": [],
"aliases": [
"CVE-2022-33971"
],
"database_specific": {
"cwe_ids": [
"CWE-294",
"CWE-489"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-04T02:15:00Z",
"severity": "HIGH"
},
"details": "Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.",
"id": "GHSA-29r3-8mg2-rxqp",
"modified": "2022-07-16T00:00:28Z",
"published": "2022-07-05T00:00:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33971"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
},
{
"type": "WEB",
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-002_en.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2QQV-J52Q-3XHQ
Vulnerability from github – Published: 2022-11-09 19:02 – Updated: 2022-11-10 12:01A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-30543"
],
"database_specific": {
"cwe_ids": [
"CWE-489"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-09T18:15:00Z",
"severity": "HIGH"
},
"details": "A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability.",
"id": "GHSA-2qqv-j52q-3xhq",
"modified": "2022-11-10T12:01:17Z",
"published": "2022-11-09T19:02:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30543"
},
{
"type": "WEB",
"url": "https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1519"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-35V5-5W5J-5CX2
Vulnerability from github – Published: 2026-04-03 21:31 – Updated: 2026-04-03 21:31Development and test API endpoints are present that mirror production functionality.
{
"affected": [],
"aliases": [
"CVE-2026-32662"
],
"database_specific": {
"cwe_ids": [
"CWE-489"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-03T21:17:11Z",
"severity": "MODERATE"
},
"details": "Development and test API endpoints are present that mirror production functionality.",
"id": "GHSA-35v5-5w5j-5cx2",
"modified": "2026-04-03T21:31:43Z",
"published": "2026-04-03T21:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32662"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-03.json"
},
{
"type": "WEB",
"url": "https://mygardyn.com/security"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Remove debug code before deploying the application.
CAPEC-121: Exploit Non-Production Interfaces
An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.
CAPEC-661: Root/Jailbreak Detection Evasion via Debugging
An adversary inserts a debugger into the program entry point of a mobile application to modify the application binary, with the goal of evading Root/Jailbreak detection. Mobile device users often Root/Jailbreak their devices in order to gain administrative control over the mobile operating system and/or to install third-party mobile applications that are not provided by authorized application stores (e.g. Google Play Store and Apple App Store). Rooting/Jailbreaking a mobile device also provides users with access to system debuggers and disassemblers, which can be leveraged to exploit applications by dumping the application's memory at runtime in order to remove or bypass signature verification methods. This further allows the adversary to evade Root/Jailbreak detection mechanisms, which can result in execution of administrative commands, obtaining confidential data, impersonating legitimate users of the application, and more.