16 matches found
CVE-2020-15806
creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2020-15806
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
Integer overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2022-27641
Summary (CVE-2022-27641): Affected: NETGEAR R6700v3 with firmware 1.0.4.120 10.0.91. Component: NetUSB module. Cause: improper validation of user-supplied data leading to an integer overflow during buffer allocation. Impact: remote code execution in the context of root by network-adjacent attacke...
CVE-2020-15806
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation...
CVE-2020-15806
CVE-2020-15806 affects the CODESYS Control runtime system before 3.5.16.10. The issue is Uncontrolled Memory Allocation, which can cause the runtime to crash and, per linked sources, may lead to a denial of service. Technical details in the connected documents confirm the vulnerable component and...
CVE-2020-15806
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation...
CVE-2019-15806
The CVE-2019-15806 entry affects CommScope ARRIS TR4400 devices with firmware A1.00.004-180301, which are vulnerable to an authentication bypass of the administrative interface. The issue arises because the firmware exposes the current base64-encoded password within http://192.168.1.1/basic_sett....
Zeta Components Mail 1.8.1 - Remote Code Execution
Zeta Components Mail 1.8.1 - Remote Code Execution Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
CVE-2017-15806
creationtimestamp| type| source ---|---|--- 2017-11-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43155 2024-04-24 22:41:41+00:00| seen| https://t.me/arpsyndicate/4835...
Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: 'email protected -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
Zeta Components Mail 1.8.1 - Remote Code Execution
Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into /var/www/html/cache/exploit.php. The resulting file will contain t...
CVE-2017-15806
The CVE-2017-15806 issue affects Zeta Components Mail (ezcMailMtaTransport) prior to 1.8.2. The send() method uses PHP mail() and constructs the 5th parameter with -f{returnPath}, and improper restriction of characters in ezcMail returnPath permits a crafted address to trigger arbitrary code exec...