CVE-2020-17387

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

CVE-2019-17387

creationtimestamp| type| source ---|---|--- 2024-03-07 17:11:49+00:00| seen| https://t.me/ctinow/202566...

CVE-2020-17387

CVE-2020-17387 affects Marvell QConvergeConsole 5.5.0.64. The vulnerability is in the GWTTestServiceImpl.writeObjectToConfigFile method, caused by insufficient validation of a user-supplied path before file operations, enabling remote code execution in the SYSTEM context. Authentication is requir...

CVE-2019-17387

Aviatrix VPN Client AVPNC_RP service (versions up to 2.2.10) contains an authentication flaw that allows local attackers to execute arbitrary code and escalate privileges on Windows, Linux, and macOS. The vulnerability is described as a local privilege escalation via an authentication weakness, w...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

CVE-2018-17387

CVE-2018-17387 affects Nimble Messaging Bulk SMS Marketing Application 1.0. The issue is a Cross-Site Request Forgery (CSRF) that enables adding an admin account. CVSS3 base score 8.8 (HIGH) with NETWORK attack vector, UI required, and HIGH impact on confidentiality, integrity, and availability. ...