CVE-2025-71318 is a critical vulnerability in NetMan 204 that allows unauthenticated attackers to access administrative pages and commands. The vulnerability has a CVSS score of 9.3 and was published on 2026-06-05T18:16:54.910Z. The vulnerability allows attackers to disclose sensitive information, including LDAP configuration and active user details, and invoke privileged UPS control commands without supp [truncated]
CVE-2025-71317 is a critical vulnerability in NetMan 204, a device containing a hard-coded backdoor account. The account has a username and password of 'eurek', granting administrative access. An unauthenticated attacker can exploit this via the cgi-bin/login.cgi endpoint to gain administrator privileges. This allows the attacker to alter device configuration, enable telnet/SSH services, and reset local u [truncated]
