Lucene search
K

13 matches found

Circl
Circl
added 2025/12/15 7:6 p.m.6 views

CVE-2025-14705

creationtimestamp| type| source ---|---|--- 2025-12-15 19:06:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115725144120813664 2026-01-09 03:04:38+00:00| seen| Telegram/fqBb9-b15juJsrMtIb1klixJvuKUWtaIz-Un3BotO2k29k 2026-01-09 03:04:58+00:00| seen|...

10CVSS8.7AI score0.14606EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/15 5:2 a.m.3 views

CVE-2025-14705 Shiguangwu sgwbox N3 SHARESERVER Feature command injection

A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...

10CVSS6.5AI score0.14606EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 6:32 a.m.6 views

CVE-2017-14705

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

9.8CVSS7.5AI score0.28243EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.7 views

CVE-2019-14705

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...

7.2CVSS7.1AI score0.0155EPSS
Exploits0References1
CVE
CVE
added 2020/07/15 5:34 p.m.55 views

CVE-2020-14705

CVE-2020-14705 affects Oracle GoldenGate (Process Management) before version 19.1.0.0.0. The vulnerability allows an unauthenticated attacker with access to the physical communication segment attached to the hardware running GoldenGate to compromise it, potentially taking over the Oracle GoldenGa...

9.6CVSS9AI score0.01864EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/02/24 7:15 p.m.15 views

CVE-2018-14705

In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...

10CVSS9.4AI score0.01853EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/02/24 6:16 p.m.18 views

CVE-2018-14705 Lack of Authentication/Authorization on Administrative Web Pages

In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...

9.4AI score0.01853EPSS
Exploits0References2
CVE
CVE
added 2020/02/24 6:16 p.m.53 views

CVE-2018-14705

CVE-2018-14705 affects Drobo 5N2 (v4.0.5). The issue is that all optional applications lack authentication/authorization validation, allowing any network-accessing user to interact with and control those applications. Impact is stated as severe risks to availability, confidentiality, and integrit...

10CVSS9.5AI score0.01853EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/08/06 11:15 p.m.6 views

CVE-2019-14705

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...

7.2CVSS5.8AI score0.0155EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/06 10:24 p.m.20 views

CVE-2019-14705

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...

7AI score0.0155EPSS
Exploits0References3
CVE
CVE
added 2019/08/06 10:24 p.m.64 views

CVE-2019-14705

CVE-2019-14705 affects MicroDigital N-series cameras up to firmware 6400.0.8.5. The issue is an incorrect access control that lets an attacker perform admin actions using any valid cookie, effectively bypassing authentication. Documented CVSSv3 base score is 7.2 (HIGH) with network attack vector ...

7.2CVSS7AI score0.0155EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/09/22 6:0 p.m.47 views

CVE-2017-14705

CVE-2017-14705: DenyAll Web Application Firewall (WAF) before 6.4.1 permits unauthenticated remote command execution via TCP port 3001. The flaw enables insertion of shell metacharacters into the type parameter of the tailDateFile function located at /webservices/stream/tail.php. An iToken authen...

9.3CVSS9.2AI score0.0736EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2017/09/22 6:0 p.m.17 views

CVE-2017-14705

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

8.9AI score0.0736EPSS
Exploits1References3
Rows per page
Query Builder