25 matches found
CVE-2026-7161
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
CVE-2026-42363
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
CVE-2026-42363
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
EUVD-2017-18955
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access...
CVE-2017-20233 Hirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic Bypass
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access...
CVE-2017-20233 Hirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic Bypass
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access...
CVE-2017-20233
CVE-2017-20233 affects Hirschmann HiLCOS devices OpenBAT, BAT450, WLC, and BAT867. The issue is a firewall filtering vulnerability where IPv4 multicast and broadcast traffic are not correctly filtered when management IP address filtering is disabled, allowing bypass of configured firewall rules. ...
EUVD-2020-24502
Malware in sbrugna...
EUVD-2004-0592
Malware in sbrugna...
The vulnerability of the 802.1X standard implementation in Cisco IOS operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of the 802.1X standard implementation in Cisco IOS exists due to errors in handling broadcast traffic. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability (cisco-sa-c2960L-DpWA9Re4)
An authentication bypass vulnerability exists in Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches due to broadcast traffic that is received on the 802.1X-enabled port being mishandled. An unauthenticated, remote attacker can exploit this by sending broadcast...
Cisco Catalyst 2960-L Series Switches and CDB-8P Switches Access Control Error Vulnerability
The Cisco Catalyst 2960-L Series Switches and the Cisco Catalyst CDB-8P Switches are both products of Cisco, Inc.The Cisco Catalyst 2960-L Series Switches is a 2960-L series switch. Cisco Catalyst CDB-8P Switches is a digital building series switch. An access control error vulnerability exists in...
CVE-2020-3231
A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is...
CVE-2020-3231
A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is...
Authentication flaw
A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is...
CVE-2020-3231
CVE-2020-3231 affects Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches. The issue is an 802.1X authentication bypass caused by mishandling of broadcast traffic on 802.1X-enabled ports, allowing an unauthenticated, adjacent attacker to forward broadcast traffic b...
Industrial Security Featuring Delta's enteliBUS Manager
ARCHIVED STORY From Building Control to Damage Control: A Case Study in Industrial Security Featuring Delta's enteliBUS Manager By Mark Bereza · August 09, 2019 Management. Control. It seems that you can’t stick five people in a room together without one of them trying to order the others around...
The vulnerability of Cisco ASR 900 router microprogramming software, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of Cisco ASR 900 microprogrammed software lies in the uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause partial service interruptions by sending a large number of broadcast packets to the vulnerable device...
Combining Responder and PsExec for Internal Penetration Tests
By Emilie St-Pierre, TJ Byrom, and Eric Sun Ask any pen tester what their top five penetration testing tools are for internal engagements, and you will likely get a reply containing nmap, Metasploit, CrackMapExec, SMBRelay and Responder. An essential tool for any whitehat, Responder is a Python...