packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	PACKETSTORM:221651	📄 ZTE Unauthenticated Denial of Service_PACKETSTORM:221651 ZTE routers 17+ models suffer from an unauthenticated denial of service vulnerability via an oversized POST body...	N/A	N/A	May 20, 2026	PACKETSTORM
HIGH 7.1	PACKETSTORM:221650	📄 ZTE ZXHN H188A 6 Authentication Bypass / Credential Disclosure_PACKETSTORM:221650 ZTE ZXHN H188A version 6 suffers from an authentication bypass vulnerability via a pre-login wizard credential leak...	N/A	N/A	May 20, 2026	PACKETSTORM
HIGH 8.7	PACKETSTORM:221283	📄 4D Server Server-Side Request Forgery / Arbitrary File Read_PACKETSTORM:221283 Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain rea...	N/A	N/A	May 18, 2026	PACKETSTORM
HIGH 7.7	PACKETSTORM:221284	📄 Lobster_pro Arbitrary File Read / Server-Side Request Forgery_PACKETSTORM:221284 Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobsterpro prior to version 4.12.6-GA. This allows them to obta...	N/A	N/A	May 18, 2026	PACKETSTORM
NONE	PACKETSTORM:221272	📄 Bichon 1.0.2 Bearer Access Token Disclosure_PACKETSTORM:221272 Bichon version 1.0.2 accepts Bearer access tokens via GET requests which has the negative side affect of being disclosed in logs, REFERER headers, ...	N/A	N/A	May 18, 2026	PACKETSTORM
NONE	PACKETSTORM:221274	📄 Bichon 1.0.2 SOCKS5 Proxy Topology Disclosure_PACKETSTORM:221274 Bichon version 1.0.2 suffers from a SOCKS5 proxy topology disclosure vulnerability via /list-proxy...	N/A	N/A	May 18, 2026	PACKETSTORM
NONE	PACKETSTORM:221273	📄 Bichon 1.0.2 Privilege Escalation_PACKETSTORM:221273 Bichon version 1.0.2 suffers from a vertical privilege escalation vulnerability via the account role assignment functionality...	N/A	N/A	May 18, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:221269	📄 CPanel/WHM CRLF Injection / Authentication Bypass / Remote Code Execution_PACKETSTORM:221269 This Metasploit module exploits CVE-2026-41940, a CRLF injection in cPanel/WHMs cpsrvd daemon that allows unauthenticated remote code execution as ...	N/A	N/A	May 18, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:221161	📄 HUSTOJ Zip Slip / Remote Code Execution_PACKETSTORM:221161 This Metasploit module demonstrates a remote code execution vulnerability in HUSTOJ. A user with administrative privileges can abuse the problemimp...	N/A	N/A	May 15, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:221081	📄 ePati Antikor NGFW 2.0.1301 Authentication Bypass_PACKETSTORM:221081 ePati Antikor NGFW version 2.0.1301 suffers from an authentication bypass vulnerability...	N/A	N/A	May 14, 2026	PACKETSTORM