Lucene search
K

6 matches found

OSV
OSV
added 2025/12/24 8:15 p.m.6 views

CVE-2018-25143

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

8.7CVSS5.8AI score0.00516EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-53363

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

8.8CVSS7.3AI score0.00516EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/11/03 3:14 p.m.4 views

undertow: Double AJP response for 400 from EAP 7 results in CPING failures

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...

7.5CVSS7.3AI score0.01258EPSS
Exploits0References4
OSV
OSV
added 2022/08/31 4:15 p.m.3 views

UBUNTU-CVE-2022-1319

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...

7.5CVSS6.8AI score0.01258EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.5 views

Red Hat Undertow 安全漏洞

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow that stems from an EAP 7 response to a double AJP 400 resulting in a CPING failure...

7.5CVSS7AI score0.01258EPSS
Exploits0References14
OSV
OSV
added 2019/02/18 11:56 p.m.2 views

GHSA-2MHH-W6Q8-5HXW Remote Memory Disclosure in ws

Versions of ws prior to 1.0.1 are affected by a remote memory disclosure vulnerability. In certain rare circumstances, applications which allow users to control the arguments of a client.ping call will cause ws to send the contents of an allocated but non-zero-filled buffer to the server. This ma...

7.5CVSS6AI score0.02015EPSS
Exploits0References6
Rows per page
Query Builder