172 matches found
The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices lies in the lack of authentication for critical functions. This allows attackers to disclose internal configuration details of the web interface or alter network settings.
The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices lies in the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker to disclose internal configuration details of the web interface or modify network setting...
Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure Vulnerability
ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published: 2022-06-01 CVSSv3 Score: 5.3...
Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published:...
CVE-2021-43333
The Datalogic DXU service on for example DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings...
CVE-2021-43333
The CVE-2021-43333 issue affects the Datalogic DXU service used on DL-Axist devices. The vulnerability arises from a lack of authentication when performing configuration changes or disclosing configuration settings, exposing potential for unauthorized disclosure or modification of settings. The a...
Information disclosure
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information...
Ingeteam Ingepac Da Au 信息泄露漏洞
Ingeteam Ingepac Da Au is an affordable solution from Ingeteam. for complete measurement and detection of fault bypasses anywhere in the grid. A security vulnerability exists in the Ingeteam INGEPAC DA AU AUC1.13.0.28 and earlier web application that allows access to specific paths containing...
CVE-2021-41301
ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...
CVE-2021-41301 ECOA BAS controller - Exposure of Sensitive Information to an Unauthorized Actor
ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...
CVE-2021-41301
ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download (Unauthenticated)
Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download Unauthenticated Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page...
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Configuration Disclosure
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page: https://www.fatpipeinc.com Affected version: WARP / IPVPN / MPVPN 10.2.2r38 10.2.2r25 10.2.2r10 10.1.2r60p82 10.1.2r60p71 10.1.2r60p65 10.1.2r60p58s1 10.1.2r60p58 10.1.2r60p55...
CVE-2021-20593
Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and...
CVE-2021-20593
Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and...
PT-2021-18719 · Unknown · Ssl Network Extender Client
Name of the Vulnerable Software and Affected Versions: SSL Network Extender Client for Linux versions prior to build 800008302 Description: The issue allows partial disclosure of files to which the user did not have access, due to the revelation of part of the contents of the configuration file...
ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation
Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Date: 31.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page...
KZTech / JatonTec / Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated) Vulnerabilit
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download Unauthenticated Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page:...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...
Netgear NETGEAR JGS516PE 安全漏洞
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. An information disclosure vulnerability exists in the NSDP protocol implementation of the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. A remote, unauthenticated attacker can exploit this vulnerability by sending a...
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability
PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...