CVE-2023-21418

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact...

Default credentials

The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation together with the weak password policy that forces a 4-digit password allows remote attackers to easily obtain administrative access...

CVE-2021-25309

The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation together with the weak password policy that forces a 4-digit password allows remote attackers to easily obtain administrative access...

CVE-2021-25309

CVE-2021-25309 affects Gigaset DX600A devices with firmware v41.00-175. The telnet administrator service on port 650 does not implement any lockout or throttling, combined with a 4-digit weak password policy, enabling remote attackers to obtain administrative access via brute-force attempts. Publ...

Qualcomm Bluetooth Host Information Disclosure Vulnerability

A security vulnerability exists in Qualcomm Bluetooth Host that stems from an arbitrary read issue that results in local privilege escalation in the administrator service...

CVE-2017-5531

Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative contro...

CVE-2017-5531

CVE-2017-5531 affects TIBCO Managed File Transfer Command Center (CC) and Managed File Transfer Internet Server (IS) versions 8.0.0 and 8.0.1. The issue may allow any authenticated user to gain administrative control of the Managed File Transfer web applications via the Administrator Service. In ...

Symantec Veritas Administrator Service vxsvc Buffer Overflow (CVE-2011-0547)

A code execution vulnerability has been reported in Symantec Veritas enterprise administrator service. The vulnerability is due to improper buffer allocation while parsing requests. An attacker may exploit this vulnerability by sending a specially crafted request to an affected server. Successful...

CVE-2009-3749

The Web Administrator service STEMWADM.EXE in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service crash by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

Code injection

The Web Administrator service STEMWADM.EXE in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service crash by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

CVE-2009-3749

The CVE-2009-3749 vulnerability affects Websense Web Administrator service (STEMWADM.EXE) in Websense Personal Email Manager 7.1 before Hotfix 4 and Websense Email Security 7.1 before Hotfix 4. An attacker can remotely trigger a denial-of-service (crash) by sending an HTTP GET to TCP port 8181 an...

Veritas Storage Foundation Administrator service buffer overflow

Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe, listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...

Symantec Veritas Storage Foundation VEA组件堆溢出漏洞

BUGTRAQ ID: 25778 CVECAN ID: CVE-2008-0638 Veritas Storage Foundation是用于管理Veritas产品存储的解决方案。 Veritas Storage Foundation在服务组件实现上存在漏洞，远程攻击者可能利用此漏洞控制服务器。 Veritas Storage Foundation的Veritas企业管理员（VEA）组件中的Administrator服务（vxsvc.exe，默认监听于UDP...

Symantec VERITAS Storage Foundation Administrator Service Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec VERITAS Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Administrator service, vxsvc.exe, which listens by default on UDP port...