CVE‑2025‑3461: Unauthenticated Telnet Access in Quantenna Wi‑Fi Chipsets
CVE‑2025‑3461 is a newly assigned critical-severity vulnerability in Quantenna Wi‑Fi chipsets (used in various routers and embedded devices), where a telnet service is enabled by default with no authentication. This can allow remote attackers to gain root-level access and control raising serious security concerns. Vulnerability Details Exploitation Path These chipsets ship with telnet enabled by […]
CVE‑2024‑55585: Unauthenticated Admin API Access in moPS App
CVE‑2024‑55585 is a high to critical severity vulnerability affecting the moPS App through version 1.8.618. The flaw allows unauthenticated users to call administrative API endpoints such as “/api/v1/users/resetpassword” enabling unintended read/write operations on the app. Vulnerability Details Exploitation Path Due to missing authentication checks on administrative endpoints, unauthenticated or low‑privileged users can access and execute […]