CVE-2021-38461

Same vendor

• CVE-2021-38481 — The scheduler service running on a specific TCP port enables the user to start and stop jobs (8.1 HIGH)
• CVE-2021-38479 — Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions (6.5 MEDIUM)
• CVE-2021-38477 — There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the mani... (9.8 CRITICAL)
• CVE-2021-38475 — The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permi... (7.3 HIGH)
• CVE-2021-38473 — The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow (8.0 HIGH)

Same CWE

• CVE-2026-22312 — The device has a webserver that exposes a REST API authenticated with a constant token (8.6 HIGH)
• CVE-2026-9260 — Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.2 MEDIUM)
• CVE-2026-34029 — The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastr...
• CVE-2026-34022 — The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms w...
• CVE-2026-28742 — Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image (9.8 CRITICAL)