19 matches found
EUVD-2016-1289
Malware in sbrugna...
EUVD-2017-14245
Malware in sbrugna...
TalariaX SendQuick Entera and Avera Device Command Injection Vulnerability
TalariaX SendQuick Entera and Avera are both products of TalariaX Singapore. The former is a web-based server management system and the latter is a plug-and-play network monitoring system. A command injection vulnerability exists in versions of the TalariaX SendQuick Entera and Avera appliances...
TalariaX SendQuick Entera and Avera Device Authentication Bypass Vulnerability
TalariaX SendQuick Entera and Avera are both products of TalariaX Singapore. The former is a web-based server management system and the latter is a plug-and-play network monitoring system. A security vulnerability exists in versions of TalariaX SendQuick Entera and Avera devices prior to 2HF16. A...
SendQSendQuick Entera and Avera SMS Gateway Appliances Denial of Service Vulnerability
TalariaX SendQuick Entera and Avera are both products of TalariaX Singapore. The former is a web-based server management system and the latter is a plug-and-play network monitoring system. A security vulnerability exists in versions of TalariaX SendQuick Entera and Avera devices prior to 2HF16 du...
CVE-2017-5136
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system...
Cross site request forgery (csrf)
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective...
Design/Logic Flaw
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system...
Command injection
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands...
CVE-2017-5137
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective...
CVE-2016-10098
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands...
CVE-2016-10098
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands...
CVE-2017-5136
CVE-2017-5136 affects SendQuick Entera and Avera devices pre-2HF16. The issue is improper access-control validation on requests, enabling an attacker to shut down the system. Versions prior to 2HF16 are vulnerable; the recommended fix is to upgrade to 2HF16 or later. Public details come from CNVD...
CVE-2017-5137
CVE-2017-5137 affects TalariaX SendQuick Entera and Avera devices prior to version 2HF16. Multiple sources (NVD, CNVD, PT-Security) describe an unauthenticated attacker being able to request and download SMS logs without credentials, indicating an authentication bypass in the SMS-logs access path...
CVE-2017-5136
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system...
CVE-2016-10098
TalariaX SendQuick Entera and Avera devices before 2HF16 are affected by multiple Command Injection vulnerabilities that allow an attacker to execute arbitrary system commands. Affected products: SendQuick Entera (web-based server management) and Avera (plug‑and‑play network monitoring). Root cau...
PT-2017-16333 · Sendquick +1 · Sendquick Entera +1
Name of the Vulnerable Software and Affected Versions: SendQuick Entera versions prior to 2HF16 Avera versions prior to 2HF16 Description: An issue was discovered where the application failed to check the access control of the request, which could result in an attacker being able to shutdown the...
PT-2017-16334 · Sendquick +1 · Sendquick Entera +1
Name of the Vulnerable Software and Affected Versions: SendQuick Entera versions prior to 2HF16 Avera versions prior to 2HF16 Description: An issue allows an attacker to request and download SMS logs without authentication. Recommendations: For SendQuick Entera versions prior to 2HF16, update to...
PT-2017-7731 · Talariax · Sendquick Entera +1
Name of the Vulnerable Software and Affected Versions: SendQuick Entera versions prior to 2HF16 Avera versions prior to 2HF16 Description: An issue was discovered that allows attackers to execute arbitrary system commands due to multiple Command Injection vulnerabilities. Recommendations: For...