22 matches found
EUVD-2014-3869
Malware in sbrugna...
CVE-2024-36075
The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify the archive on the...
CVE-2024-36072
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
CVE-2019-13285
CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection...
CVE-2014-3932
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2024-36072
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
PT-2024-26884 · Cososys · Cososys Endpoint Protector
Name of the Vulnerable Software and Affected Versions: CoSoSys Endpoint Protector versions 5.9.3 and earlier Unify agent versions 7.0.6 and earlier Description: The issue is related to the extraction of an archive obtained from the server on the endpoint, which can lead to arbitrary code executio...
CoSoSys Endpoint Protector Injection Vulnerability
CoSoSys Endpoint Protector is a cross-platform data loss prevention system from CoSoSys Romania. The system supports USB and peripheral port control, dynamic data scanning, USB encryption and static data scanning. An injection vulnerability exists in CoSoSys Endpoint Protector version 5.1.0.2,...
CVE-2019-13285
CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection...
CVE-2019-13285
CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection...
Design/Logic Flaw
CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection...
CoSoSys Endpoint Protector 4.5.0.1 Remote Root Command Injection
Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Date : Vulnerability submitted in 01/12/2017 and published in 01/08/2018 Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint...
SEC Consult SA-20140521-0 :: Multiple critical vulnerabilities in CoSoSys Endpoint Protector 4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140521-0 ======================================================================= title: Multiple vulnerabilities product: CoSoSys Endpoint Protector 4 vulnerable version: all - except issue 1 fixed...
CVE-2014-3932
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
Sql injection
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2014-3932
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2014-3932
CVE-2014-3932 affects CoSoSys Endpoint Protector, specifically the device registration component (wsf/webservice.php) in versions 4.3.0.4 and 4.4.0.2. The root cause is an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via unspecified parameters. Impact...
CoSoSys Endpoint Protector 4 Predictable Password
The remote CoSoSys Endpoint Protector 4 is affected by a password disclosure flaw. Specifically, the 'epproot' account is set to the default password 'eroot!00$SUMRO', where $SUM is the sum of the 9 digits in the appliance serial number. C Tenable Network Security, Inc. include"compat.inc";...
CoSoSys Endpoint Protector Detection
The remote web server hosts CoSoSys Endpoint Protector, a web-based data loss prevention application. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62941; scriptversion"1.7"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"CoSoSys Endpoint Protector Detection";...
CVE-2012-2994
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack...