91 matches found
EUVD-2021-13516
Malware in sbrugna...
EUVD-2021-13519
Malware in sbrugna...
EUVD-2021-13515
Malware in sbrugna...
EUVD-2021-13520
Malware in sbrugna...
EUVD-2021-31578
Malicious code in bioql PyPI...
EUVD-2021-32971
Malicious code in bioql PyPI...
EUVD-2021-31581
Malicious code in bioql PyPI...
EUVD-2021-32634
Malicious code in bioql PyPI...
CVE-2021-45925
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26732
A broken access control vulnerability in the Firstnetworkfunc function of spxrestservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26729
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-4228
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle MitM attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0...
CVE-2021-44776
A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-44769
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-46279
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-44769
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-46279
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-45925
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26731
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserbfunc function of spxrestservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware...
CVE-2021-26732
A broken access control vulnerability in the Firstnetworkfunc function of spxrestservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...