Vulnerabilities > Hidden Functionality
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-45696 | Hidden Functionality vulnerability in Dlink Covr-X1870 Firmware and Dir-X4860 Firmware Certain models of D-Link wireless routers contain hidden functionality. | 8.8 |
| 2024-09-16 | CVE-2024-45697 | Hidden Functionality vulnerability in Dlink Dir-X4860 Firmware 1.00/1.04 Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. | 9.8 |
| 2024-06-17 | CVE-2024-6045 | Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. low complexity CWE-912 | 8.8 |
| 2024-05-30 | CVE-2024-5514 | MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. | 9.8 |
| 2023-12-29 | CVE-2023-4467 | Hidden Functionality vulnerability in Poly Trio 8800 Firmware 7.2.6.0019 A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. | 6.6 |
| 2023-12-08 | CVE-2023-6614 | Hidden Functionality vulnerability in Typecho 1.2.1 A vulnerability classified as problematic was found in Typecho 1.2.1. | 2.7 |
| 2023-02-16 | CVE-2022-3843 | Hidden Functionality vulnerability in Wago 852-111/000-001 Firmware 01 In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters. | 9.1 |
| 2022-10-21 | CVE-2022-3203 | Hidden Functionality vulnerability in Oringnet Iap-420+ Firmware and Iap-420 Firmware On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. | 9.8 |
| 2022-02-21 | CVE-2021-24867 | Hidden Functionality vulnerability in Accesspressthemes products Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. | 7.5 |
| 2021-12-23 | CVE-2021-43987 | Hidden Functionality vulnerability in Myscada Mypro 7/7.0.26 An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface. | 7.5 |