Lucene search

K

Tron Security Vulnerabilities

cve
cve

CVE-2020-16206

The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all...

9CVSS

9.2AI Score

0.003EPSS

2020-09-01 09:15 PM
32
3
cve
cve

CVE-2020-16210

The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all...

9CVSS

9.1AI Score

0.002EPSS

2020-09-01 09:15 PM
32
2
cve
cve

CVE-2020-16204

The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all...

9.8CVSS

9.5AI Score

0.011EPSS

2020-09-01 09:15 PM
30
cve
cve

CVE-2020-16208

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all...

8.8CVSS

8.2AI Score

0.002EPSS

2020-09-01 09:15 PM
26
cve
cve

CVE-2017-16544

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

8.8CVSS

8.4AI Score

0.005EPSS

2017-11-20 03:29 PM
223
6
cve
cve

CVE-2004-1500

Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a...

6.3AI Score

0.007EPSS

2005-02-19 05:00 AM
25
cve
cve

CVE-2004-1395

The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a....

7.3AI Score

0.045EPSS

2005-02-12 05:00 AM
25