Lucene search
K

626 matches found

ATTACKERKB
ATTACKERKB
added 2022/05/18 4:0 p.m.7 views

CVE-2022-20809

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

6.5CVSS6.6AI score0.00887EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/18 4:0 p.m.7 views

CVE-2022-20806

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

7.1CVSS7AI score0.00899EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/18 4:0 p.m.6 views

CVE-2022-20807

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

6.5CVSS6.6AI score0.00913EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.6 views

多款Cisco产品日志信息泄露漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

6.5CVSS6.6AI score0.00887EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.6 views

Cisco Expressway Series和Cisco TelePresence Video Communication Server 日志信息泄露漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

7.1CVSS7AI score0.00899EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.3 views

Cisco Expressway Series 和 TelePresence Video Communication Server 日志信息泄露漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

6.5CVSS6.5AI score0.00913EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2022/04/15 12:0 a.m.27 views

Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands...

10CVSS7.7AI score0.97759EPSS
In wildExploits8
BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.10 views

The vulnerability in the web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices allows a hacker to execute arbitrary code as a root user.

The vulnerability of the Web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices is related to insufficient checking of the command arguments entered by users. Exploiting this vulnerability allows a malicious actor to execute arbitrary code as a root user remotely...

9CVSS6AI score0.03177EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/03/03 12:0 a.m.5 views

CVE-2022-20755

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...

9CVSS7.6AI score0.03177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/03/02 12:0 a.m.2 views

PT-2022-1785 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management interfaces of the affected devices...

9CVSS7.4AI score0.03177EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/03/02 12:0 a.m.4 views

PT-2022-1784 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series affected versions not specified Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management...

9CVSS7.3AI score0.03177EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.2 views

The vulnerability of the Fatek Automation Communication Server arises from operations that go beyond the buffer boundaries in memory, allowing attackers to cause service failures or execute arbitrary code.

The vulnerability of the Fatek Automation Communication Server lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code by sending specially crafted requests...

10CVSS8.6AI score0.01758EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2021/10/15 3:15 p.m.2 views

CVE-2021-38432

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

9.8CVSS7.7AI score
Exploits0References1
Prion
Prion
added 2021/10/15 3:15 p.m.13 views

Stack overflow

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

7.5CVSS9.7AI score0.01758EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/15 2:13 p.m.23 views

CVE-2021-38432 FATEK Automation Communication Server

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

9.8CVSS9.9AI score0.01758EPSS
Exploits0References1
CVE
CVE
added 2021/10/15 2:13 p.m.50 views

CVE-2021-38432

CVE-2021-38432 affects FATEK Automation Communication Server (Versions 1.13 and prior). The vulnerability is a stack-based buffer overflow caused by lack of proper validation of user-supplied data, enabling remote code execution via network access (no authentication required per ZDI/CISA). Exploi...

9.8CVSS9.8AI score0.01758EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2021/10/14 12:0 a.m.31 views

Fatek Automation Communication Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data sent to the Facon Server, which listens on...

9.8CVSS4.6AI score0.01758EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.4 views

FATEK Communication Server 安全漏洞

FATEK Communication Server is a video communication server from China's Yonghong Electric FATEK. A security vulnerability exists in FATEK Communication Server that stems from a lack of proper validation of user-supplied data in the affected product, which could lead to a stack-based buffer overfl...

9.8CVSS8.8AI score0.01758EPSS
Exploits0References6
ICS
ICS
added 2021/10/07 12:0 a.m.31 views

FATEK Automation Communication Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: Communication Server Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3...

9.8CVSS10AI score0.01758EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/08/25 12:0 a.m.34 views

Cisco Expressway Series and TelePresence Video Communication Server Image Verification RCE (cisco-sa-ewver-c6WZPXRx)

According to its self-reported version, Cisco TelePresence Video Communication Server is affected by a vulnerability in the image verification function that allows an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability...

9CVSS7.4AI score0.01056EPSS
Exploits0References3
Rows per page
Query Builder