30 matches found
CVE-2021-21873
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...
PT-2021-14807 · Lantronix · Lantronix Premierwave 2050
Name of the Vulnerable Software and Affected Versions: Lantronix PremierWave 2050 version 8.9.0.0R4 Description: A command injection issue exists in the Web Manager Diagnostics: Traceroute functionality, allowing arbitrary command execution via a specially-crafted HTTP request. An attacker can...
CVE-2018-4064
An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password on the...
CVE-2017-16254
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP...
CVE-2018-3949
An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...
Denial of service
An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticate...
Insteon Hub Buffer Overflow Vulnerability (CNVD-2018-16501)
The Insteon Hub is an Insteon central controller product from Insteon USA. This product can remotely control light bulbs, wall switches, air conditioners and more in your home. A buffer overflow vulnerability exists in the PubNub 'ad' channel message handler in the Insteon Hub using firmware...
Insteon Hub Buffer Overflow Vulnerability (CNVD-2018-14860)
The Insteon Hub is an Insteon central controller product from Insteon USA. This product can remotely control light bulbs, wall switches, air conditioners and more in your home. A buffer overflow vulnerability exists in the Insteon Hub using firmware version 1012. An attacker could exploit the...
PT-2018-6268 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue allows an attacker to send an authenticated HTTP request to trigger a buffer overflow. Specifically, at memory address 0x9d01bb1c, the value for the uri key is copied using strcpy to a buffer at...
PT-2018-6271 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue allows an attacker to send an authenticated HTTP request to trigger a buffer overflow. Specifically, the value for the s vol dim delta key is copied using strcpy to a buffer at address 0xa000051...