A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown code of the file /oa/setup/setup.jsp. The manipulation leads to improper authorization.
This vulnerability was named CVE-2025-1226. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025.
NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing them to monitor the device's screen in real-time, control the keyboard and mouse, upload and download
A vulnerability was found in Wattsense Bridge up to 6.4.0. It has been classified as critical. This affects an unknown part. The manipulation leads to missing protection mechanism for alternate hardware interface.
This vulnerability is uniquely identified as CVE-2025-26409. It is possible to launch the attack on the physical device. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Wattsense Bridge up to 6.4.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials.
This vulnerability is handled as CVE-2025-26410. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability has been found in Wattsense Bridge and classified as critical. Affected by this vulnerability is an unknown functionality of the component Plugin Manager. The manipulation leads to unrestricted upload.
This vulnerability is known as CVE-2025-26411. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.