{"vulnerability": "CVE-2025-7131", "sightings": [{"uuid": "7580d962-42d1-4e56-b6df-bf9985a4dd68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71310", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmqp33wzez2i", "content": "CVE-2025-71310 - Backdrop CMS YouTube GDPR Cookies Module XSS\nCVE ID : CVE-2025-71310\n \n Published : May 26, 2026, 1:06 a.m. | 5\u00a0hours, 25\u00a0minutes ago\n \n Description : The GDPR cookies module for Backdrop CMS (before \n\n1.x-1.3.5) doesn't sufficiently protect visitors from Cros...", "creation_timestamp": "2026-05-26T09:38:33.010829Z"}, {"uuid": "0a99c3d9-67b5-4af3-8d0f-a5f4cb24aa8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-7131", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltf4rsugsq2r", "content": "", "creation_timestamp": "2025-07-07T15:42:07.420152Z"}, {"uuid": "ab5ddc5f-7038-47a9-8af7-d0385df5db74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71318", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkv35egh724", "content": "CVE-2025-71318 - NetMan 204 Missing Authentication for Administrative Functions\nCVE ID : CVE-2025-71318\n \n Published : June 5, 2026, 6:16 p.m. | 57\u00a0minutes ago\n \n Description : NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remo...", "creation_timestamp": "2026-06-05T19:35:09.942858Z"}, {"uuid": "bdf7b9cd-ba5f-4fe2-a0fc-ad3b78ef610a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71317", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116699103506638031", "content": "\nNetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71317", "creation_timestamp": "2026-06-05T19:16:45.454012Z"}, {"uuid": "557c44f0-035f-42ae-93a7-093f65976667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71317", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkvb4gtlz2p", "content": "CVE-2025-71317 - NetMan 204 Hard-coded Backdoor Credentials\nCVE ID : CVE-2025-71317\n \n Published : June 5, 2026, 6:16 p.m. | 57\u00a0minutes ago\n \n Description : NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative acce...", "creation_timestamp": "2026-06-05T19:38:31.978177Z"}, {"uuid": "9b5a1637-388b-471a-b3a3-2e91dc6414d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71317", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnldwsvcjy2d", "content": "\ud83d\udd34 CVE-2025-71317 - Critical (9.8)\n\nNetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that gra...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2025-71317/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-06T00:01:11.762156Z"}, {"uuid": "12d1f809-0996-4960-883f-68bcaa83bf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71318", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlhc2v2ve2d", "content": "\ud83d\udd34 CVE-2025-71318 - Critical (9.8)\n\nNetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A r...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2025-71318/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-06T01:01:11.245505Z"}]}