10 matches found
CVE-2022-45194
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure...
CVE-2024-45194
creationtimestamp| type| source ---|---|--- 2024-11-21 17:06:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113522034717468022...
CVE-2023-45194
creationtimestamp| type| source ---|---|--- 2023-10-11 07:17:07+00:00| seen| https://t.me/cibsecurity/72058...
CVE-2023-45194
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 -D/-K/-S/-DK/-DKS/-M/-W firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communicati...
CVE-2023-45194
The CVE-2023-45194 vulnerability affects MR-GM2 firmware versions 3.00.03 and earlier and MR-GM3 firmware versions 1.03.45 and earlier, arising from default credentials. An adjacent, unauthenticated attacker could intercept wireless LAN traffic when the device uses the factory-default pre-shared ...
CVE-2023-45194
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 -D/-K/-S/-DK/-DKS/-M/-W firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communicati...
CVE-2023-45194
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 -D/-K/-S/-DK/-DKS/-M/-W firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communicati...
CVE-2022-45194
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure...
CVE-2022-45194
CVE-2022-45194 describes XXE abuse in CBRN-Analysis prior to version 22 via an am mws XML document, leading to NTLMv2-SSP hash disclosure. Connected sources confirm affected software (CBRN-Analysis) and root cause (external entity processing in XML). The PT-2022-27424 advisory explicitly recommen...
Virtuozzo Hybrid Infrastructure 4.5 Update 2
This update provides bug fixes and improvements. Vulnerability id: VSTOR-44043 With backup storage geo-replication, promotion to the primary cluster fails with the error: "name 'payload' is not defined." Vulnerability id: VSTOR-43126 A deadlock is possible between atomic and non-atomic commands i...