20 matches found
CVE-2019-25351
Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...
CVE-2019-25351
CVE-2019-25351 affects Centova Cast 3.2.11. A vulnerability in the server.copyfile API endpoint allows authenticated attackers to retrieve arbitrary system files by supplying crafted parameters, enabling downloads such as /etc/passwd via curl or wget. Impact is high on confidentiality; no remedia...
CVE-2019-25351 Centova Cast 3.2.11 - Arbitrary File Download
Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...
CVE-2019-25351 Centova Cast 3.2.11 - Arbitrary File Download
Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...
Centova Cast 安全漏洞
Centova Cast is an internet-based broadcast streaming media management control panel provided by the Canadian company Centova. Version 3.2.11 of Centova Cast contains a security vulnerability. This vulnerability allows authenticated attackers to retrieve arbitrary system files through the...
CVE-2019-25342
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...
CVE-2019-25342 Centova Cast 3.2.12 - Denial of Service
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...
CVE-2019-25342
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...
CVE-2019-25342
CVE-2019-25342 affects Centova Cast 3.2.12. The vulnerability is a denial-of-service in which repeatedly calling the database export API endpoint (via /api.php) with crafted parameters and multiple concurrent requests can drive the system to 100% CPU. Metrics indicate high impact to availability ...
CVE-2019-25342 Centova Cast 3.2.12 - Denial of Service
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...
Centova Cast 安全漏洞
Centova Cast is an internet-based broadcast streaming media management control panel developed by Centova Corporation in Canada. Version 3.2.12 of Centova Cast contains a security vulnerability. This vulnerability stems from the repeated invocation of the database export API endpoint, which could...
PT-2026-7941
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters...
Centova Cast 3.2.12 - Denial of Service (PoC)
Centova Cast 3.2.12 - Denial of Service PoC Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova...
Centova Cast 3.2.12 - Denial of Service Exploit
Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100% CPU load on all...
Centova Cast 3.2.12 Denial Of Service
Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100%...
Centova Cast 3.2.12 - Denial of Service (PoC)
Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100%...
Centova Cast 3.2.11 - Arbitrary File Download
Centova Cast 3.2.11 - Arbitrary File Download Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Date: 2019-11-17 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0...
Centova Cast 3.2.11 Arbitrary File Download
Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Date: 2019-11-17 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0 centovacasturl user password ftpaddress" exit fi url=$1...
Centova Cast 3.2.11 - Arbitrary File Download Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0 centovacasturl...
Centova Cast 3.2.11 - Arbitrary File Download
Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Date: 2019-11-17 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0 centovacasturl user password ftpaddress" exit fi url=$1...