[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":55,"vulnerability-17243":62},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},["Island",56],{"key":57,"params":58,"result":60},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":59},"{\"text-color\":\"gray\"}",{"head":61},{},{"id":63,"detectable_with":64,"vuln_details":71,"vuln_id":109,"name":110,"published":111,"updated":72},17243,{"tool":65,"engine":68},{"id":66,"name":67},1,"Network Scanner",{"id":69,"name":70},3,"OpenVAS",{"id":63,"codename":72,"description":72,"severity":73,"risk_description":74,"public_description":75,"public_recommendation":76,"recommendation":72,"references":77,"cvssv3":87,"epss_score":88,"epss_percentile":89,"cve":90,"in_cisa_catalog":107,"date":108,"software_type":72,"vendor":72,"product":72,"ptt_exploit_capabilities":72},null,"medium","The list of known SSH host keys used by this plugin is gathered from various sources: - Top 1.000 Duplicate SSH Fingerprints on the Internet collected via the search engine Shodan in 2015. The most common fingerprint was found to be shared among 245.000 installations where the least common was still present 321 times. - SSH host keys generated with a vulnerable OpenSSL version on Debian and derivates (CVE-2008-0166). - Devices of Multiple Vendors (Cisco, ZTE, ZyXEL, OpenStage, OpenScape, TANDBERG) using hardcoded SSH host keys (CVE-2015-6358, CVE-2015-7255, CVE-2015-7256, CVE-2015-7276, CVE-2015-8251, CVE-2015-8260, CVE-2009-4510). - Zyxel CNM SecuManager (CVE-2020-15312, CVE-2020-15313, CVE-2020-15314, CVE-2020-15315, CVE-2020-15316, CVE-2020-15317, CVE-2020-15318, CVE-2020-15319) An attacker could use this situation to compromise or eavesdrop on the SSH communication between the client and the server using a man-in-the-middle attack.","The remote host uses a default SSH host key that is shared among multiple installations.","Generate a new SSH host key.",[78,79,80,81,82,83,84,85,86],"https://blog.shodan.io/duplicate-ssh-keys-everywhere/","https://www.kb.cert.org/vuls/id/566724","http://blogs.intevation.de/thomas/hetzner-duplicate-ed25519-ssh-host-keys/","https://www.vsecurity.com/download/advisories/20100409-2.txt","https://wiki.debian.org/SSLkeys","https://www.debian.org/security/2008/dsa-1571","https://github.com/g0tmi1k/debian-ssh","https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html#ssh-servers-keys","https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-vulnerabilities-of-cloudcnm-secumanager",5.9,0.70721,0.99313,[91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106],"CVE-2020-15312","CVE-2020-15313","CVE-2020-15314","CVE-2020-15315","CVE-2020-15316","CVE-2020-15317","CVE-2020-15318","CVE-2020-15319","CVE-2015-6358","CVE-2015-7255","CVE-2015-7256","CVE-2015-7276","CVE-2015-8251","CVE-2015-8260","CVE-2009-4510","CVE-2008-0166",false,"2008-05-13T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.105497","Known SSH Host Key","2018-01-02T00:00:00Z"]