CVE-2021-41503
DCS-5000L v1.05 and DCS-932L v2.17 and older are affected by Incorrect Access Control. The use of the basic authentication for the devices' command interface allows attack vectors that may compromise the cameras' configuration and allow malicious users on the LAN to access the device. NOTE: This...
CVE-2021-41504
CVE-2021-41504 affects D-Link DCS-5000L (v1.05) and DCS-932L (v2.17) and older. The root cause is the use of digest-authentication for the devices' command interface, which may enable elevated privileges and allow a malicious LAN user to access or alter the cameras’ configuration. This vulnerabili...
PT-2021-23315 · D Link · Dcs-932L +1
Name of the Vulnerable Software and Affected Versions: DCS-5000L version 1.05 and earlier; DCS-932L version 2.17 and earlier. Description: The issue is related to incorrect access control, allowing malicious users on the LAN to access the device due to the use of basic authentication for the device...
CVE-2021-25306
A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands...
Buffer overflow
A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands...
CVE-2021-25306
CVE-2021-25306 describes a buffer overflow in the AT command interface of Gigaset DX600A v41.00-175 devices. A remote attacker can force a reboot by sending relatively long AT commands. Root cause: overflow in AT command handling. Impact: availability loss (device reboot) with high CVSS v3.1 scor...
Gigaset DX600A Buffer Error Vulnerability
The Gigaset DX600A is a communication device from the German company Gigaset. It provides a device for communication. The Gigaset DX600A suffers from a buffer error vulnerability that originates from a buffer overflow vulnerability in the command interface, which allows a remote attacker to explo...
CVE-2021-20074
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands...
ALEOS Stack Overflow Vulnerability
ALEOS is an integrated development environment for building customized embedded M2M applications. A stack overflow vulnerability exists in the AT command interface in ALEOS versions prior to 4.11.0, which can be exploited by an attacker to execute code...
ALEOS stack overflow vulnerability (CNVD-2020-48628)
ALEOS is an integrated development environment for building customized embedded M2M applications. A stack overflow vulnerability exists in the AT Command API in ALEOS versions prior to 4.11.0, which can be exploited by an attacker to execute code...
CVE-2019-11850
A stack overflow vulnerability exists in the AT command interface of ALEOS before 4.11.0. The vulnerability may allow code execution...
CVE-2019-11853
Several potential command injection vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4...
CVE-2019-11853
ALEOS AT command interface exposes several potential command injection vulnerabilities in versions prior to 4.11.0 and 4.9.4. Connected CNVD/NVD entries confirm the issue affects ALEOS and reference affected versions; no additional exploitation details are provided in the sources. Remediation gui...
CVE-2019-11850
CVE-2019-11850 is about a stack overflow in the AT command interface of ALEOS before version 4.11.0. The vulnerability exists in ALEOS, an embedded M2M development environment, and can lead to remote code execution, with exploitation demonstrated in versions prior to 4.11.0 per CNVD-2020-48629 an...
CVE-2019-19834
Directory Traversal in ruckuscli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable-debug-script-exec with ../../../bin/sh as the parameter...
A vulnerability in the command-line interface (CLI) of the firmware for Cisco TelePresence Collaboration Endpoint devices allows an attacker to execute arbitrary code.
The vulnerability in the command-line interface (CLI) of the firmware for Cisco TelePresence Collaboration Endpoint devices stems from insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
A vulnerability in the command-line interface of Cisco’s NX-OS and FX-OS network operating systems allows attackers to disclose sensitive information.
The vulnerability in the command-line interfaces of Cisco NX-OS and FX-OS devices involves incomplete verification of role-based access control (RBAC). Exploiting this vulnerability allows a malicious actor to disclose sensitive information by executing diagnostic commands with specially craft...
A vulnerability in Cisco SD-WAN software-defined networking, caused by insufficient validation of input data, allows an attacker to modify arbitrary files and escalate their privileges.
The vulnerability in Cisco SD-WAN software-defined networking exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to modify arbitrary files and elevate their privileges to root by changing the “save” command in the command interface...
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model:...