Lucene search
+L

418 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:53 a.m.8 views

CVE-2023-33684

Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 Apr 19 2021 Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NAT protocol...

5.7CVSS7.2AI score0.00343EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.11 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.8CVSS7.8AI score0.01531EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.12 views

CVE-2023-33625

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbcsystem function...

9.8CVSS7.8AI score0.33154EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:5 p.m.7 views

CVE-2021-37471

Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...

7.8CVSS6.7AI score0.0116EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:29 p.m.5 views

CVE-2020-6204

The selection query in SAP Treasury and Risk Management Transaction Management EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104 returns more records than it should be when selecting and displaying the contract number, leading to Missing...

4.3CVSS6.8AI score0.00627EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.7 views

CVE-2019-15378

The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGARay600/ELUGARay600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the...

5.5CVSS6.6AI score0.00292EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.8 views

The vulnerability of the microprogrammed software of industrial routers SCALANCE M-800 and industrial switches SCALANCE SC-600, related to partial comparison, allows a intruder to influence the integrity of the protected information.

The vulnerability of the microprogrammed software of industrial routers SCALANCE M-800 and industrial switches SCALANCE SC-600 is related to a partial comparison. Exploiting this vulnerability could allow an attacker operating remotely to influence the integrity of the protected information...

3.7CVSS5.5AI score0.00258EPSS
Exploits0References2Affected Software27
Tenable Nessus
Tenable Nessus
added 2025/03/17 12:0 a.m.7 views

Siemens SCALANCE M-800 and SC-600 Families Partial String Comparison (CVE-2025-23384)

A remote attacker needs to have access to a valid certificate in order to perform a successful attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

6.3CVSS5.6AI score0.00258EPSS
Exploits0References4
ICS
ICS
added 2025/03/11 12:0 a.m.8 views

Siemens SCALANCE M-800 and SC-600 Families

SUMMARY SCALANCE M-800 and SC-600 families are affected by improper input validation in the OpenVPN authentication. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific...

6.3CVSS6.5AI score0.00258EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2025/03/05 12:0 a.m.9 views

D-Link DIR-600 Multiple Vulnerabilities (2013 - 2024)

D-Link DIR-600 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.2AI score0.33154EPSS
Exploits6References12
NVD
NVD
added 2025/01/10 4:15 p.m.19 views

CVE-2025-22152

Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...

9.4CVSS0.00639EPSS
Exploits0References1
CVE
CVE
added 2025/01/10 3:23 p.m.81 views

CVE-2025-22152

Atheos (self-hosted browser-based cloud IDE) contains path traversal/file-include style vulnerabilities in multiple PHP files where the $path and $target parameters are not properly validated prior to v600. This allows an attacker to read, modify, or execute arbitrary files on the server. The iss...

9.4CVSS9.2AI score0.00639EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/10 3:23 p.m.39 views

CVE-2025-22152 Improper Path Validation Enables Path Traversal in Multiple Components in Atheos

Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...

9.4CVSS0.00639EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.200 views

D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution', 'Description' = %q This module exploits an OS Command Injection vulnerability...

7.4AI score
Exploits0
CNVD
CNVD
added 2024/08/05 12:0 a.m.9 views

D-Link DIR-600 OS Command Injection Vulnerability

The D-Link DIR-600 is a wireless router from China's AUO D-Link. An operating system command injection vulnerability exists in the D-Link DIR-600 version 2.18 and earlier, which stems from the fact that manipulation of service parameters can lead to os command injection. No details of the...

9.8CVSS7.6AI score0.0574EPSS
Exploits1References1
OSV
OSV
added 2024/08/01 1:15 p.m.4 views

CVE-2024-7357

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated as critical. This issue affects the function soapcgimain of the file /soap.cgi. The manipulation of the argument service leads to os command injection. The attack may be initiated remotely. The...

9.8CVSS5.6AI score0.0574EPSS
Exploits1References5
NVD
NVD
added 2024/08/01 1:15 p.m.17 views

CVE-2024-7357

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated as critical. This issue affects the function soapcgimain of the file /soap.cgi. The manipulation of the argument service leads to os command injection. The attack may be initiated remotely. The...

9.8CVSS0.0574EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/08/01 1:0 p.m.17 views

CVE-2024-7357 D-Link DIR-600 soap.cgi soapcgi_main os command injection

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated as critical. This issue affects the function soapcgimain of the file /soap.cgi. The manipulation of the argument service leads to os command injection. The attack may be initiated remotely. The...

6.5CVSS7.5AI score0.0574EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/08/01 1:0 p.m.40 views

CVE-2024-7357 D-Link DIR-600 soap.cgi soapcgi_main os command injection

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated as critical. This issue affects the function soapcgimain of the file /soap.cgi. The manipulation of the argument service leads to os command injection. The attack may be initiated remotely. The...

6.5CVSS0.0574EPSS
Exploits1References5
CVE
CVE
added 2024/08/01 1:0 p.m.79 views

CVE-2024-7357

CVE-2024-7357 affects D-Link DIR-600 firmware up to 2.18. The vulnerability is in the soap.cgi helper soapcgi_main function, where manipulation of the service argument leads to OS command injection. The attack can be remote and the exploit has been disclosed publicly. The product is end-of-life a...

9.8CVSS6.9AI score0.0574EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder