626 matches found
CVE-2022-20809
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...
CVE-2022-20806
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...
CVE-2022-20807
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...
多款Cisco产品日志信息泄露漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 日志信息泄露漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
Cisco Expressway Series 和 TelePresence Video Communication Server 日志信息泄露漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands...
The vulnerability in the web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices allows a hacker to execute arbitrary code as a root user.
The vulnerability of the Web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices is related to insufficient checking of the command arguments entered by users. Exploiting this vulnerability allows a malicious actor to execute arbitrary code as a root user remotely...
CVE-2022-20755
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...
PT-2022-1785 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management interfaces of the affected devices...
PT-2022-1784 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series affected versions not specified Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management...
The vulnerability of the Fatek Automation Communication Server arises from operations that go beyond the buffer boundaries in memory, allowing attackers to cause service failures or execute arbitrary code.
The vulnerability of the Fatek Automation Communication Server lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code by sending specially crafted requests...
CVE-2021-38432
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...
Stack overflow
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...
CVE-2021-38432 FATEK Automation Communication Server
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...
CVE-2021-38432
CVE-2021-38432 affects FATEK Automation Communication Server (Versions 1.13 and prior). The vulnerability is a stack-based buffer overflow caused by lack of proper validation of user-supplied data, enabling remote code execution via network access (no authentication required per ZDI/CISA). Exploi...
Fatek Automation Communication Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data sent to the Facon Server, which listens on...
FATEK Communication Server 安全漏洞
FATEK Communication Server is a video communication server from China's Yonghong Electric FATEK. A security vulnerability exists in FATEK Communication Server that stems from a lack of proper validation of user-supplied data in the affected product, which could lead to a stack-based buffer overfl...
FATEK Automation Communication Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: Communication Server Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3...
Cisco Expressway Series and TelePresence Video Communication Server Image Verification RCE (cisco-sa-ewver-c6WZPXRx)
According to its self-reported version, Cisco TelePresence Video Communication Server is affected by a vulnerability in the image verification function that allows an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability...