CVE-2025-28200
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.
CVSS
9.8
Crítico
EPSS
0.5%
p41
KEV
—
Exploit Today
12
0-100
Publicado: 9 may 2025 · Última mod.: 5 jul 2026 · CWE-521
0.5%EPSS · 30 días0.6%
2026-06-302026-07-16
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-428509.8 CRÍ70.3%
——21An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.12dCVE-2025-637479.8 CRÍ34.2%
——10QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.12dCVE-2026-337717.4 ALT18.0%
——5A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device.
The password management menu enables the administrator to set password complexity requirements, but these settings are not saved. The issue can be verified with the menu option "Show password requirements". Failure to enforce the intended requirements can lead to weak passwords being used, which significantly increases the likelihood that an attacker can guess these and subsequently attain unauthorized access.
This issue affects CTP OS versions 9.2R1 and 9.2R2.4dCVE-2026-35097—16.2%
——5KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters.
This issue was fixed in the patch published in June 2026.17d