Linux Distros Unpatched Vulnerability : CVE-2022-20499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no...

CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

CVE-2024-20499

creationtimestamp| type| source ---|---|--- 2024-10-02 22:13:13+00:00| seen| https://t.me/cvedetector/6868...

CVE-2023-39477 Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

CVE-2018-20499

creationtimestamp| type| source ---|---|--- 2024-03-18 13:46:50+00:00| seen| https://t.me/ctinow/210512...

CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

CVE-2022-20499

CVE-2022-20499 is a vulnerability in Android’s PasspointConfiguration.java where uncaught errors during parsing of stored configs in function validateForCommonR1andR2 can cause a local persistent DoS without extra privileges. Affected are Android 12, 12L, and 13 releases; exploitation is reported...

CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

CVE-2021-20499

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973...

CVE-2021-20499

Affected product: IBM Security Verify Access Docker 10.0.0. Vulnerability type / impact: remote information disclosure where detailed technical error messages returned in the browser expose sensitive information. This could be leveraged in further attacks against the system. Root cause (as descri...

Code injection

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

CVE-2021-30464

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service connectivity outage via crafted tcp/20499 packets to the CTRL Ethernet port...

CVE-2021-30464

OMICRON StationGuard prior to version 1.10 is affected (CVE-2021-30464). The vulnerability allows remote attackers to cause a denial-of-service (connectivity outage) by sending crafted TCP packets to the CTRL Ethernet port (TCP/20499). No explicit exploit details are provided in the documents, an...

OMICRON StationGuard 资源管理错误漏洞

OMICRON StationGuard is an application from OMICRON Austria. It is used for network monitoring. A security vulnerability exists in OMICRON StationGuard versions prior to 1.10, which allows remote attackers to send a denial of service connection drop via a crafted tcp 20499 packet to the CTRL...

DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DLINK DWL-2600 Authenticated Remote Command Injection', 'Description' = %q Some DLINK Access Points are vulnerable to an authenticated OS command...

DLINK DWL-2600 Authenticated Remote Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DLINK DWL-2600 Authenticated Remote Command Injection', 'Description' = %q Some DLINK Access Points are vulnerable to an authenticated OS command...

D-Link DWL-2600 Authenticated Remote Command Injection Exploit

This Metasploit module exploits some DLINK Access Points that are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2019-20499

creationtimestamp| type| source ---|---|--- 2020-03-27 17:47:41+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkdwl2600commandinjection.rb 2020-03-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48274 2025-02-06...

CVE-2019-20499

CVE-2019-20499 affects the D-Link DWL-2600AP (firmware 4.2.0.15 Rev A). It is an authenticated OS command injection via the Web interface Restore Configuration functionality, exploiting shell metacharacters in admin.cgi?action=config_restore or the configServerip parameter. Evidence shows exploit...