PULSE
LIVE45signals / 24h
FEED
ransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcare
← All CVEs
CVE WatchJul 9, 2026

CVE-2023-36082

An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials.

CVSS

9.8

Critical

EPSS

0.8%

p52

KEV

Exploit Today

15

0-100

Published: Aug 3, 2023 · Last modified: Jul 9, 2026 · CWE-522

EPSS · 30d
0.8%EPSS · 30 days1.0%
2026-06-302026-07-16
Technical description

An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials.

Official references
Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2022-478805.3 MED
85.4%
26An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function.8d
CVE-2021-342046.8 MED
62.4%
19D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.8d
CVE-2026-90799.8 CRI
60.9%
18libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them.10d
CVE-2023-318247.5 HIG
57.5%
17An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function.8d
CVE-2021-290435.9 MED
50.4%
15The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows attackers to steal the proxy password via man-in-the-middle attacks or shoulder surfing.8d
CVE-2026-89269.1 CRI
45.2%
14When asking curl to use a `.netrc` file to find credentials and at the same time specifying a URL with a username(without a password), like `https://user@example.com/`, curl could wrongly get and use the password for *another* user set in the `.netrc` file for that host if such a one exists and there is no match for the specified user.9d