13 matches found
CVE-2025-14705
creationtimestamp| type| source ---|---|--- 2025-12-15 19:06:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115725144120813664 2026-01-09 03:04:38+00:00| seen| Telegram/fqBb9-b15juJsrMtIb1klixJvuKUWtaIz-Un3BotO2k29k 2026-01-09 03:04:58+00:00| seen|...
CVE-2025-14705 Shiguangwu sgwbox N3 SHARESERVER Feature command injection
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
CVE-2017-14705
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...
CVE-2019-14705
An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...
CVE-2020-14705
CVE-2020-14705 affects Oracle GoldenGate (Process Management) before version 19.1.0.0.0. The vulnerability allows an unauthenticated attacker with access to the physical communication segment attached to the hardware running GoldenGate to compromise it, potentially taking over the Oracle GoldenGa...
CVE-2018-14705
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
CVE-2018-14705 Lack of Authentication/Authorization on Administrative Web Pages
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
CVE-2018-14705
CVE-2018-14705 affects Drobo 5N2 (v4.0.5). The issue is that all optional applications lack authentication/authorization validation, allowing any network-accessing user to interact with and control those applications. Impact is stated as severe risks to availability, confidentiality, and integrit...
CVE-2019-14705
An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...
CVE-2019-14705
An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...
CVE-2019-14705
CVE-2019-14705 affects MicroDigital N-series cameras up to firmware 6400.0.8.5. The issue is an incorrect access control that lets an attacker perform admin actions using any valid cookie, effectively bypassing authentication. Documented CVSSv3 base score is 7.2 (HIGH) with network attack vector ...
CVE-2017-14705
CVE-2017-14705: DenyAll Web Application Firewall (WAF) before 6.4.1 permits unauthenticated remote command execution via TCP port 3001. The flaw enables insertion of shell metacharacters into the type parameter of the tailDateFile function located at /webservices/stream/tail.php. An iToken authen...
CVE-2017-14705
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...