CVE-2025-10655

creationtimestamp| type| source ---|---|--- 2026-04-14 17:27:49+00:00| seen| Telegram/X69Hoh64i7djUBejuAQijXCf66JncuFnYRKez2YtZF33U...

CVE-2020-10655

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The...

CVE-2019-10655

Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow via...

CVE-2024-10655

creationtimestamp| type| source ---|---|--- 2024-11-01 16:10:50+00:00| seen| https://t.me/cvedetector/9581...

CVE-2024-10655

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit has been disclose...

CVE-2024-10655 Tongda OA 2017 new.php sql injection

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit has been disclose...

Grandstream GXV31XX settimezone Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...

Metasploit Weekly Wrap-Up

Image Credit: https://upload.wikimedia.org/wikipedia/commons/c/c7/Logs.jpg without change while j==shell; Log4j; The Log4j loop continues as we release a module targeting vulnerable vCenter releases. This is a good time to suggest that you check your vCenter releases and maybe even increase the...

Grandstream GXV3175 Unauthenticated Command Execution Exploit

This Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authenticati...

Grandstream GXV3175 Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV3175 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...

Grandstream Multiple Products Authentication Bypass (CVE-2019-10655)

An authentication bypass vulnerability exists in multiple Grandstream products. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

CVE-2020-10655

creationtimestamp| type| source ---|---|--- 2021-01-06 16:39:16+00:00| seen| https://t.me/cibsecurity/21658...

CVE-2020-10655

CVE-2020-10655 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1. The ITM app server's WriteWindowMouse API suffers from improper deserialization, allowing an anonymous remote attacker to execute arbitrary code with local administrator privileges. Root c...

CVE-2019-10655

creationtimestamp| type| source ---|---|--- 2020-10-15 15:07:04+00:00| seen| MISP/cbd9bbb3-3f53-4610-9d91-9191ff0a9ca8 2020-10-16 06:56:57+00:00| seen| MISP/25aef508-b116-4d75-84b2-b6ceff906e44 2022-02-08 18:48:04+00:00| seen|...

VulnCheck KEV: CVE-2019-10655

Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow via...

CVE-2019-10655

Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow via...

CVE-2019-10655

CVE-2019-10655: Grandstream remote code execution vulnerability affects Grandstream GAC2500 (1.0.3.35), GXP2200 (1.0.3.27), GVC3202 (1.0.3.51), GXV3275 (before 1.0.3.219 Beta), and GXV3240 (before 1.0.3.219 Beta). The issue enables unauthenticated RCE via shell metacharacters in the /manager?acti...

CVE-2017-10655

...

CVE-2017-10655

CVE-2017-10655 is rejected and not used as an active vulnerability entry.

CVE-2016-10655

The CVE-2016-10655 issue affects the clang-extra component of LLVM/clang-extra, where the tool downloads binary resources over HTTP. This enables a man-in-the-middle scenario if an attacker can position themselves on the network, potentially replacing downloaded resources with malicious ones and ...