Cisco Firepower Threat Defense (FTD) Software SSL Decryption Policy DoS (cisco-sa-ftd-dnd-dos-bpEcg7B7)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated,...

CVE-2019-20050

Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability, an authenticated user should create a new folder with a "tricky" name in the filemanager. The exploit works when the php-fileinfo extension is disabled on the host system. The attacker must includ...

CVE-2025-20050

Uncontrolled search path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...

CVE-2023-35724

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specif...

CVE-2023-35724 D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specif...

CVE-2023-35724

The CVE-2023-35724 entry concerns D-Link DAP-2622 routers where the Telnet CLI service uses hard-coded credentials, allowing authentication bypass for network-adjacent attackers. Affected component: Telnet/CLI service listening on TCP port 23. Root cause: server program contains hard-coded creden...

Cisco NX-OS Software CLI Command Injection (CVE-2023-20050)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...

Vulnerabilities fixed in Cisco NX-OS

Cisco has fixed vulnerabilities in NX-OS. The vulnerability with attribute CVE-2022-20050 can be exploited by a local, authenticated malicious person to exploit arbitrary code execute arbitrary code at the system level by exploiting command-line injection. Also, a bug has been fixed in the...

Cisco NX-OS Software CLI Comm Injection (cisco-sa-nxos-cli-cmdinject-euQVK9u)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability...

CVE-2023-20050

CVE-2023-20050 affects Cisco NX-OS Software CLI, where insufficient validation of CLI arguments allows an authenticated, local attacker to inject commands and run arbitrary OS commands with the privileges of the logged-in user. Multiple connected sources (Cisco advisory, Nessus/NES plugins, and C...

CVE-2017-20050

This CVE entry is rejected and not used; it does not represent an active vulnerability entry.

CVE-2022-20050

The CVE-2022-20050 entry refers to a vulnerability in connsyslogger where improper link resolution enables symbolic link following, leading to local escalation of privilege with System execution privileges required. Exploitation is described as local with no user interaction needed. Affected comp...

CVE-2021-20050

CVE-2021-20050 affects the SonicWall SMA100 series, where an improper access control vulnerability allows multiple restricted management APIs to be accessed without user authentication, potentially exposing configuration meta-data. The issue is documented across multiple sources (SonicWall PSIRT ...

SMA100 Improper Access Control Vulnerability allowed restricted management APIs accessible

An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.IMPORTANT: There is no evidence that these vulnerabilities are being exploited in the wild. CVE:...

CVE-2019-20050

CVE-2019-20050 affects Pandora FMS ≤ 7.42. A remote code execution exists when an authenticated user creates a folder with a “tricky” name in the filemanager; the exploit requires the php-fileinfo extension to be disabled and the attacker to include shell metacharacters in the content type. This ...

CVE-2019-19898

In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely...

CVE-2019-19898

In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely...

Design/Logic Flaw

In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely...

CVE-2019-19898

In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely...

CVE-2018-20050

The CVE-2018-20050 vulnerability affects the Jooan JA-Q1H Wi‑Fi camera (firmware 21.0.0.91). A mishandling of an empty string in ONVIF GetStreamUri and GetVideoEncoderConfigurationOptions can allow a remote attacker to cause a denial of service (crash and reboot) over the network without authenti...