CVE-2025-46176 – D-Link DIR-605L DIR-816L Telnet Command Injection

May 23, 2025

CVE ID : CVE-2025-46176

Published : May 23, 2025, 7:15 p.m. | 1 hour, 38 minutes ago

Description : Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48735 – BOS IPC SQL Injection Vulnerability

Next Article CVE-2025-44998 – TinyFileManager Stored XSS

Highlights

CVE-2024-58134 – Mojolicious Default HMAC Session Secret Vulnerability

May 3, 2025

CVE ID : CVE-2024-58134

Published : May 3, 2025, 4:15 p.m. | 1 hour, 16 minutes ago

Description : Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application’s class name, as a HMAC session secret by default.

These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Hate Windows 11? Windows 10’s extended updates Enroll button is slowly rolling out, says Microsoft

Firefox Web App Support Available to Test (on Windows, At Least)

CVE-2025-46176 – D-Link DIR-605L DIR-816L Telnet Command Injection

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

CVE-2025-9379 – “Belkin AX1800 Firmware Update Handler Remote Authentication Bypass”

Reimagining Legacy Systems with AI: Why We’re Building the Future

Xbox just quietly added two of the best RPGs of all time to Game Pass

OpenAI shifts to Google for cloud computing support as Microsoft partnership falters, despite Sam Altman’s “compute-sufficient” claim

Microsoft Edge’s Find on Page getting Copilot Suggestions

CVE-2024-58134 – Mojolicious Default HMAC Session Secret Vulnerability

How I automate basic tasks on Linux with bash scripts – and why you should try it

CVE-2025-3594 – Liferay Portal Xuggler Path Traversal Remote File Inclusion

CVE-2025-48752 – Apache Process-Sync Pthread Mutex Unlock Vulnerability

CVE-2025-46176 – D-Link DIR-605L DIR-816L Telnet Command Injection

Related Posts