Souvik Kandar

20 exploits Active since Nov 2025
CVE-2026-1341 WRITEUP CRITICAL WRITEUP
Avation Light Engine Pro - Info Disclosure
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control.
CVE-2026-5386 WRITEUP CRITICAL WRITEUP
KMW KM-IP521 - KMW CCTV Security Cameras Unverified Password Change
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.
CVSS 9.1
CVE-2026-8598 WRITEUP CRITICAL WRITEUP
Unauthenticated Export Service in ZKTeco CCTV Cameras
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials.
CVSS 9.1
CVE-2026-3893 WRITEUP CRITICAL WRITEUP
Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials.
CVSS 9.4
CVE-2026-20766 WRITEUP HIGH WRITEUP
Milesight Cameras Heap-based Buffer Overflow
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
CVSS 8.8
CVE-2026-32644 WRITEUP CRITICAL WRITEUP
Milesight Cameras Use of Hard-coded Cryptographic Key
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
CVSS 9.8
CVE-2026-32649 WRITEUP MEDIUM WRITEUP
Milesight Cameras OS Command Injection
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.
CVSS 6.8
CVE-2026-27785 WRITEUP HIGH WRITEUP
Milesight Cameras Use of Hard-coded Credentials
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
CVSS 8.8
CVE-2026-28747 WRITEUP HIGH WRITEUP
Milesight Cameras Authorization Bypass Through User-Controlled Key
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
CVSS 7.1
CVE-2025-13607 WRITEUP CRITICAL WRITEUP
Camera Configuration Info Disclosure
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL.
CVSS 9.4
CVE-2025-14466 WRITEUP MEDIUM WRITEUP
Güralp Fortimus/Minimus/Certimus - DoS
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the impact of the attack, it results in a brief denial-of-service condition during the restart.
CVSS 5.3
CVE-2025-54863 WRITEUP CRITICAL WRITEUP
Radiometrics VizAir < 2025-08 - Unauthenticated Exposure of REST API Key via Public Configuration File
Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could potentially compromise airport operations. Additionally, attackers could flood the system with false alerts, leading to a denial-of-service condition and significant disruption to airport operations. Unauthorized remote control over aviation weather monitoring and data manipulation could result in incorrect flight planning and hazardous takeoff and landing conditions.
CVSS 10.0
CVE-2025-61945 WRITEUP CRITICAL WRITEUP
Radiometrics VizAir < 2025-08 - Unauthenticated Admin Panel Access
Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAir system without authentication. Once inside, the attacker can modify critical weather parameters such as wind shear alerts, inversion depth, and CAPE values, which are essential for accurate weather forecasting and flight safety. This unauthorized access could result in the disabling of vital alerts, causing hazardous conditions for aircraft, and manipulating runway assignments, which could result in mid-air conflicts or runway incursions.
CVSS 10.0
CVE-2025-61956 WRITEUP CRITICAL WRITEUP
Radiometrics VizAir < 2025-08 - Unauthenticated Critical Function Access
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control (ATC) and pilots. Additionally, manipulated meteorological data could mislead forecasters and ATC, causing inaccurate flight planning.
CVSS 10.0
CVE-2025-64307 WRITEUP MEDIUM WRITEUP
Brightpick Internal Logic Control - Unauthenticated RCE
The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes.
CVSS 6.5
CVE-2025-64308 WRITEUP HIGH WRITEUP
Brightpick Mission Control - Info Disclosure
The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle.
CVSS 7.5
CVE-2025-64309 WRITEUP HIGH WRITEUP
Brightpick Mission Control - Info Disclosure
Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques.
CVSS 8.6
CVE-2026-1632 WRITEUP CRITICAL WRITEUP
MOMA Seismic Station <v2.4.2520 - Info Disclosure
MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.
CVSS 9.1
CVE-2026-1633 WRITEUP CRITICAL WRITEUP
Synectix LAN 232 TRIO - Info Disclosure
The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device.
CVSS 10.0
CVE-2026-1670 WRITEUP CRITICAL WRITEUP
Affected Products - Info Disclosure
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.
CVSS 9.8