EUVD-2025-202814
Malicious code in elf-stats-evergreen-nightcap-747 npm...
MAL-2025-192495 Malicious code in elf-stats-evergreen-nightcap-747 (npm)
Source: amazon-inspector (6401493011d8023c006e2f15183f09d0c1d035aa86befa459a2d5ad583cdb3e3). The package elf-stats-evergreen-nightcap-747 was found to contain malicious code...
EUVD-2007-3794
Malware in sbrugna...
CVE-2024-34209
TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function...
PT-2024-25744 · Totolink · Totolink Outdoor Cpe Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK outdoor CPE CP450 version 4.1.0cu.747 B20191224 Description: A command injection issue was found in the CloudACMunualUpdate function, specifically via the FileName parameter. Recommendations: For version 4.1.0cu.747 B20191224, as a...
PT-2024-25740 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A command injection issue was found in the download firmware function, which could potentially be exploited. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider...
PT-2024-25739 · Totolink · Totolink Outdoor Cpe Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK outdoor CPE CP450 version 4.1.0cu.747 B20191224 Description: A command injection issue was found in the setUpgradeFW function via the FileName parameter. Recommendations: For version 4.1.0cu.747 B20191224, consider restricting access...
PT-2024-3693 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: The issue is related to a stack buffer overflow vulnerability in the setStaticDhcpConfig function of the TOTOLINK CP450 router's firmware. This vulnerability can be exploited by a remo...
PT-2024-3690 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: The issue is related to a vulnerability in the SetTelnetCfg function, which can be exploited by attackers to log in through telnet. This vulnerability exists due to insufficient input...
PT-2024-25738 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the setLanguageCfg function, which can be exploited. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling th...
PT-2024-25737 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the getSaveConfig function. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider avoiding the use of the getSaveConfig...
PT-2024-25736 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CPE CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the setIpQosRules function. This issue can potentially be exploited, but no details about the estimated number of affected devices or...
PT-2024-25747 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the SetPortForwardRules function. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling the SetPortForwardRul...
Directory traversal
An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...
CVE-2023-33989 Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)
An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...
Getting a persistent shell on a 747 IFE
TL;DR: The Coronavirus pandemic has hit the airline industry hard. One sad consequence was early retirement of most of the 747 passenger fleet. This does however create opportunities for aviation security research, as airframes are parked up before parting out in breakers yards. This 747 was flyin...
DEF CON 28: 747 Walkthrough from a Hacker’s Perspective
This post is a companion to the DEF CON 28 video available here. Airframe tour. Alex: Welcome to this virtual 747-400 walkthrough. One of the advantages of DEF CON Safe Mode this year is that we’re able to bring you things like this. Nothing beats being able to climb onboard and poke around a real...
Amazon Linux: Security Advisory (ALAS-2016-747)
The remote host is missing an update for the...
Remote file inclusion
PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter...
CVE-2009-0495
PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter...