CVE-2024-10697

A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be...

CVE-2024-10697 Tenda AC6 API Endpoint WriteFacMac formWriteFacMac command injection

A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be...

Moxa AWK-3121 Improper Neutralization of Special Elements Used in a Command (CVE-2018-10697)

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST paramet...

CVE-2020-10697

CVE-2020-10697 affects Red Hat Ansible Tower when run with OpenShift; Tower uses memcached over TCP and a crafted playbook can pollute the cache, leading to degraded Tower performance (DoS). Affected versions: Tower before 3.6.4, before 3.5.6, and before 3.4.6. Root cause: memcached interaction e...

CVE-2020-10697

A flaw was found in Ansible Tower when running Openshift. Tower runs a memcached, which is accessed via TCP. An attacker can take advantage of writing a playbook polluting this cache, causing a denial of service attack. This attack would not completely stop the service, but in the worst-case...

Ansible Tower 3.4.x < 3.4.6 / 3.5.x < 3.5.6 / 3.6.x < 3.6.4 Denial of Service Vulnerability

The version of Ansible Tower running on the remote web server is 3.4.x prior to 3.4.6, or 3.5.x prior to 3.5.6, or 3.6.x prior to 3.6.4. It is, therefore, affected by a Denial of Service vulnerability when running Openshift that can reduce memcached and Tower performance. Nessus is unable to dete...

CVE-2020-10697

A flaw was found in Ansible Tower when running Openshift. Tower runs a memcached, which is accessed via TCP. An attacker can take advantage of writing a playbook polluting this cache, causing a denial of service attack. This attack would not completely stop the service, but in the worst-case...

CVE-2018-10697

creationtimestamp| type| source ---|---|--- 2019-06-08 00:28:20+00:00| seen| https://t.me/cibsecurity/4785...

CVE-2018-10697

The CVE-2018-10697 entry affects Moxa AWK-3121 (firmware 1.14). The vulnerability is a command injection in the POST parameter srvName exposed via the device’s ping functionality, allowing an attacker to craft input with shell metacharacters and execute commands on the device. Reported as impacti...

CVE-2016-10697

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...

CVE-2016-10697

The vulnerability CVE-2016-10697 affects react-native-baidu-voice-synthesizer, which downloads resources over HTTP. The underlying issue is unencrypted network requests, enabling MITM interception and potential remote code execution by substituting resources with attacker-controlled copies. Multi...

CVE-2016-10697

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...

liberal.gr XSS vulnerability

Vulnerable URL: http://www.liberal.gr/anazitisi/%3Cscript%3Ealert%28%22OPENBUGBOUNTY%22%29%3C/script%3E.html?leksi= Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 10:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...