Common Weakness Enumeration

CWE-912

Allowed-with-Review

Hidden Functionality

Abstraction: Class · Status: Incomplete

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

146 vulnerabilities reference this CWE, most recent first.

CVE-2017-20082 (GCVE-0-2017-20082)

Vulnerability from cvelistv5 – Published: 2022-06-22 06:10 – Updated: 2025-04-15 14:15
VLAI
Title
JUNG Smart Visu Server backdoor
Summary
A vulnerability, which was classified as problematic, has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. This issue affects some unknown processing. The manipulation leads to backdoor. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
JUNG Smart Visu Server Affected: 1.0.804
Affected: 1.0.830
Affected: 1.0.832
Create a notification for this product.
Credits
T. Weber
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:45:25.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2017/Feb/18"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.96815"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-20082",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T17:09:09.795706Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T14:15:53.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Smart Visu Server",
          "vendor": "JUNG",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.804"
            },
            {
              "status": "affected",
              "version": "1.0.830"
            },
            {
              "status": "affected",
              "version": "1.0.832"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "T. Weber"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. This issue affects some unknown processing. The manipulation leads to backdoor. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Backdoor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-22T06:10:14.000Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2017/Feb/18"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://vuldb.com/?id.96815"
        }
      ],
      "title": "JUNG Smart Visu Server backdoor",
      "x_generator": "vuldb.com",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@vuldb.com",
          "ID": "CVE-2017-20082",
          "REQUESTER": "cna@vuldb.com",
          "STATE": "PUBLIC",
          "TITLE": "JUNG Smart Visu Server backdoor"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Smart Visu Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.0.804"
                          },
                          {
                            "version_value": "1.0.830"
                          },
                          {
                            "version_value": "1.0.832"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "JUNG"
              }
            ]
          }
        },
        "credit": "T. Weber",
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability, which was classified as problematic, has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. This issue affects some unknown processing. The manipulation leads to backdoor. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component."
            }
          ]
        },
        "generator": "vuldb.com",
        "impact": {
          "cvss": {
            "baseScore": "5.5",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-912 Backdoor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://seclists.org/fulldisclosure/2017/Feb/18",
              "refsource": "MISC",
              "url": "http://seclists.org/fulldisclosure/2017/Feb/18"
            },
            {
              "name": "https://vuldb.com/?id.96815",
              "refsource": "MISC",
              "url": "https://vuldb.com/?id.96815"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2017-20082",
    "datePublished": "2022-06-22T06:10:15.000Z",
    "dateReserved": "2022-06-19T00:00:00.000Z",
    "dateUpdated": "2025-04-15T14:15:53.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-10018 (GCVE-0-2011-10018)

Vulnerability from cvelistv5 – Published: 2025-08-13 20:35 – Updated: 2026-04-07 14:02
VLAI
Title
myBB 1.6.4 Backdoor Arbitrary Command Execution
Summary
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-912 - Hidden Functionality
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
Impacted products
Date Public
2011-10-09 00:00
Credits
MyBB
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2011-10018",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T14:07:57.715204Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-14T14:08:01.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/mybb_backdoor.rb"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.exploit-db.com/exploits/17949"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "index.php",
            "collapsed cookie"
          ],
          "product": "Forum Software",
          "vendor": "myBB Group",
          "versions": [
            {
              "status": "affected",
              "version": "1.6.4"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:mybb:mybb:1.6.4:*:*:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "MyBB"
        }
      ],
      "datePublic": "2011-10-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application."
            }
          ],
          "value": "myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-242",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-242 Code Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T14:02:09.269Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "exploit"
          ],
          "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/mybb_backdoor.rb"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/17949"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://web.archive.org/web/20111015224948/http://secunia.com/advisories/46300/"
        },
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://blog.mybb.com/2011/10/06/1-6-4-security-vulnerabilit/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/mybb-backdoor-arbitrary-command-execution"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "myBB 1.6.4 Backdoor Arbitrary Command Execution",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2011-10018",
    "datePublished": "2025-08-13T20:35:31.755Z",
    "dateReserved": "2025-08-13T17:52:08.905Z",
    "dateUpdated": "2026-04-07T14:02:09.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2010-20103 (GCVE-0-2010-20103)

Vulnerability from cvelistv5 – Published: 2025-08-20 15:38 – Updated: 2026-07-15 01:23 X_Known Exploited Vulnerability
VLAI
Title
ProFTPD 1.3.3c Backdoor Command Execution
Summary
A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Date Public
2010-12-02 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2010-20103",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-22T15:44:16.891816Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-22T15:44:20.670Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.exploit-db.com/exploits/16921"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.exploit-db.com/exploits/15662"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core daemon"
          ],
          "packageURL": "pkg:github/proftpd/proftpd",
          "product": "ProFTPD (Professional FTP Daemon)",
          "repo": "https://github.com/proftpd/proftpd",
          "vendor": "ProFTPD Project",
          "versions": [
            {
              "status": "affected",
              "version": "1.3.3c"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:proftpd:proftpd:1.3.3c:*:*:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "datePublic": "2010-12-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.\u003c/p\u003e"
            }
          ],
          "value": "A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912 Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-15T01:23:11.729Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://web.archive.org/web/20111107212129/http://rsync.proftpd.org/"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/15662"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/16921"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/proftpd/proftpd"
        },
        {
          "tags": [
            "product"
          ],
          "url": "http://www.proftpd.org/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/proftpd-backdoor-command-execution"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "x_known-exploited-vulnerability"
      ],
      "title": "ProFTPD 1.3.3c Backdoor Command Execution",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2010-20103",
    "datePublished": "2025-08-20T15:38:46.697Z",
    "dateReserved": "2025-08-19T16:00:37.400Z",
    "dateUpdated": "2026-07-15T01:23:11.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

GHSA-236C-VHJ4-GFXG

Vulnerability from github – Published: 2022-05-25 00:00 – Updated: 2026-02-17 21:40
VLAI
Summary
Duplicate Advisory: Embedded malware in ua-parser-js
Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references.

Original Description

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ua-parser-js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.7.29"
            },
            {
              "fixed": "0.7.30"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.7.29"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "ua-parser-js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.8.0"
            },
            {
              "fixed": "0.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.8.0"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "ua-parser-js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0.0"
            },
            {
              "fixed": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.0"
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-829",
      "CWE-912"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-17T21:40:20Z",
    "nvd_published_at": "2022-05-24T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references.\n\n### Original Description\nA vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.",
  "id": "GHSA-236c-vhj4-gfxg",
  "modified": "2026-02-17T21:40:20Z",
  "published": "2022-05-25T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4229"
    },
    {
      "type": "WEB",
      "url": "https://github.com/faisalman/ua-parser-js/issues/536"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-pjwm-rvh2-c87w"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.185453"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Duplicate Advisory: Embedded malware in ua-parser-js",
  "withdrawn": "2026-02-17T21:40:20Z"
}

GHSA-23CV-W96C-877F

Vulnerability from github – Published: 2025-03-28 03:30 – Updated: 2025-04-03 15:31
VLAI
Details

The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level," contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the CloudSail remote access service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2894"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-28T03:15:18Z",
    "severity": "MODERATE"
  },
  "details": "The Go1\u00a0also known as \"The World\u0027s First Intelligence Bionic Quadruped Robot Companion of Consumer Level,\" contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the CloudSail remote access service.",
  "id": "GHSA-23cv-w96c-877f",
  "modified": "2025-04-03T15:31:09Z",
  "published": "2025-03-28T03:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2894"
    },
    {
      "type": "WEB",
      "url": "https://github.com/unitreerobotics/unitree_ros/issues/120"
    },
    {
      "type": "WEB",
      "url": "https://github.com/MAVProxyUser/YushuTechUnitreeGo1/blob/main/Unitree_report.pdf"
    },
    {
      "type": "WEB",
      "url": "https://takeonme.org/cves/cve-2025-2894"
    },
    {
      "type": "WEB",
      "url": "https://www.axios.com/2025/04/01/threat-spotlight-backdoor-in-chinese-robots-future-of-cybersecurity"
    },
    {
      "type": "WEB",
      "url": "https://x.com/d0tslash/status/1730989109332607208"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-29HX-4X6H-2Q4X

Vulnerability from github – Published: 2023-12-29 12:30 – Updated: 2024-02-29 03:32
VLAI
Details

A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. Affected by this issue is some unknown functionality of the component Test Automation Mode. The manipulation leads to backdoor. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249260.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4467"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-29T10:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. Affected by this issue is some unknown functionality of the component Test Automation Mode. The manipulation leads to backdoor. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249260.",
  "id": "GHSA-29hx-4x6h-2q4x",
  "modified": "2024-02-29T03:32:46Z",
  "published": "2023-12-29T12:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4467"
    },
    {
      "type": "WEB",
      "url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices"
    },
    {
      "type": "WEB",
      "url": "https://modzero.com/en/advisories/mz-23-01-poly-voip"
    },
    {
      "type": "WEB",
      "url": "https://modzero.com/en/advisories/mz-23-01-poly-voip-devices"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.249260"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.249260"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2R6R-VGG5-P59V

Vulnerability from github – Published: 2026-07-13 09:31 – Updated: 2026-07-13 09:31
VLAI
Details

Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an unauthenticated remote attacker can gain access to the internal system processes, resulting in full system compromise.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4769"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-13T08:16:21Z",
    "severity": "CRITICAL"
  },
  "details": "Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an unauthenticated remote attacker can gain access to the internal system processes, resulting in full system compromise.",
  "id": "GHSA-2r6r-vgg5-p59v",
  "modified": "2026-07-13T09:31:42Z",
  "published": "2026-07-13T09:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4769"
    },
    {
      "type": "WEB",
      "url": "https://www.certvde.com/en/advisories/VDE-2026-031"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-397X-MCH8-3P5M

Vulnerability from github – Published: 2025-06-29 03:33 – Updated: 2025-06-29 03:33
VLAI
Details

A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-6839"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-29T02:15:21Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-397x-mch8-3p5m",
  "modified": "2025-06-29T03:33:10Z",
  "published": "2025-06-29T03:33:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6839"
    },
    {
      "type": "WEB",
      "url": "https://note-hxlab.wetolink.com/share/LZJIef0phS6B"
    },
    {
      "type": "WEB",
      "url": "https://note-hxlab.wetolink.com/share/LZJIef0phS6B#proof-of-concept-"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.314282"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.314282"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.603176"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3CC5-Q36C-J82W

Vulnerability from github – Published: 2025-08-14 06:30 – Updated: 2025-08-14 06:30
VLAI
Details

A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T05:15:27Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-3cc5-q36c-j82w",
  "modified": "2025-08-14T06:30:34Z",
  "published": "2025-08-14T06:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8938"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rew1X/CVE/blob/main/TOTOLINK/formSysTel/formSysTel.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rew1X/CVE/blob/main/TOTOLINK/formSysTel/formSysTel.md#poc"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.319901"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.319901"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.631837"
    },
    {
      "type": "WEB",
      "url": "https://www.totolink.net"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3VP9-WJW8-VGMX

Vulnerability from github – Published: 2026-03-27 06:31 – Updated: 2026-03-31 21:31
VLAI
Details

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-33280"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-27T06:16:38Z",
    "severity": "HIGH"
  },
  "details": "Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product\u2019s debugging functionality, resulting in the execution of arbitrary OS commands.",
  "id": "GHSA-3vp9-wjw8-vgmx",
  "modified": "2026-03-31T21:31:15Z",
  "published": "2026-03-27T06:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33280"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN83788689"
    },
    {
      "type": "WEB",
      "url": "https://www.buffalo.jp/news/detail/20260323-01.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Installation

Always verify the integrity of the product that is being installed.

CAPEC-133: Try All Common Switches

An attacker attempts to invoke all common switches and options in the target application for the purpose of discovering weaknesses in the target. For example, in some applications, adding a --debug switch causes debugging information to be displayed, which can sometimes reveal sensitive processing or configuration information to an attacker. This attack differs from other forms of API abuse in that the attacker is indiscriminately attempting to invoke options in the hope that one of them will work rather than specifically targeting a known option. Nonetheless, even if the attacker is familiar with the published options of a targeted application this attack method may still be fruitful as it might discover unpublicized functionality.

CAPEC-190: Reverse Engineer an Executable to Expose Assumed Hidden Functionality

An attacker analyzes a binary file or executable for the purpose of discovering the structure, function, and possibly source-code of the file by using a variety of analysis techniques to effectively determine how the software functions and operates. This type of analysis is also referred to as Reverse Code Engineering, as techniques exist for extracting source code from an executable. Several techniques are often employed for this purpose, both black box and white box. The use of computer bus analyzers and packet sniffers allows the binary to be studied at a level of interactions with its computing environment, such as a host OS, inter-process communication, and/or network communication. This type of analysis falls into the 'black box' category because it involves behavioral analysis of the software without reference to source code, object code, or protocol specifications.