Lucene search
K

172 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices lies in the lack of authentication for critical functions. This allows attackers to disclose internal configuration details of the web interface or alter network settings.

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices lies in the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker to disclose internal configuration details of the web interface or modify network setting...

6.5CVSS6.6AI score0.0062EPSS
Exploits0References5Affected Software2
0day.today
0day.today
added 2022/06/07 12:0 a.m.476 views

Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure Vulnerability

ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published: 2022-06-01 CVSSv3 Score: 5.3...

7.5CVSS7.6AI score0.03364EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/06 12:0 a.m.594 views

Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published:...

7.6AI score0.03364EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2022/01/01 6:15 a.m.4 views

CVE-2021-43333

The Datalogic DXU service on for example DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings...

6.5CVSS6.6AI score0.00743EPSS
Exploits0References3
CVE
CVE
added 2022/01/01 5:5 a.m.44 views

CVE-2021-43333

The CVE-2021-43333 issue affects the Datalogic DXU service used on DL-Axist devices. The vulnerability arises from a lack of authentication when performing configuration changes or disclosing configuration settings, exposing potential for unauthorized disclosure or modification of settings. The a...

6.5CVSS6.7AI score0.00743EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/12/16 8:15 p.m.12 views

Information disclosure

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information...

5CVSS7.3AI score0.00902EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/10/25 12:0 a.m.3 views

Ingeteam Ingepac Da Au 信息泄露漏洞

Ingeteam Ingepac Da Au is an affordable solution from Ingeteam. for complete measurement and detection of fault bypasses anywhere in the grid. A security vulnerability exists in the Ingeteam INGEPAC DA AU AUC1.13.0.28 and earlier web application that allows access to specific paths containing...

5.3CVSS5.9AI score0.01084EPSS
Exploits0References2
NVD
NVD
added 2021/09/30 11:15 a.m.24 views

CVE-2021-41301

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...

10CVSS0.01926EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/09/30 10:41 a.m.26 views

CVE-2021-41301 ECOA BAS controller - Exposure of Sensitive Information to an Unauthorized Actor

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...

9.8CVSS9.8AI score0.01926EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/09/30 10:13 a.m.4 views

CVE-2021-41301

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation...

10CVSS7.3AI score0.01926EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.232 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download (Unauthenticated)

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download Unauthenticated Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/28 12:0 a.m.476 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Configuration Disclosure

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page: https://www.fatpipeinc.com Affected version: WARP / IPVPN / MPVPN 10.2.2r38 10.2.2r25 10.2.2r10 10.1.2r60p82 10.1.2r60p71 10.1.2r60p65 10.1.2r60p58s1 10.1.2r60p58 10.1.2r60p55...

7.4AI score
Exploits0
OSV
OSV
added 2021/07/13 2:15 p.m.3 views

CVE-2021-20593

Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and...

7.1CVSS7.1AI score0.00853EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/13 1:30 p.m.29 views

CVE-2021-20593

Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and...

6.8AI score0.00853EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/08 12:0 a.m.9 views

PT-2021-18719 · Unknown · Ssl Network Extender Client

Name of the Vulnerable Software and Affected Versions: SSL Network Extender Client for Linux versions prior to build 800008302 Description: The issue allows partial disclosure of files to which the user did not have access, due to the revelation of part of the contents of the configuration file...

5.3CVSS5AI score0.22792EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2021/04/02 12:0 a.m.637 views

ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation

Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Date: 31.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/03/19 12:0 a.m.71 views

KZTech / JatonTec / Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated) Vulnerabilit

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download Unauthenticated Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.215 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2021/03/10 12:0 a.m.7 views

Netgear NETGEAR JGS516PE 安全漏洞

The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. An information disclosure vulnerability exists in the NSDP protocol implementation of the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. A remote, unauthenticated attacker can exploit this vulnerability by sending a...

5.6AI score
Exploits0References2
0day.today
0day.today
added 2021/01/05 12:0 a.m.46 views

PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability

PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...

7.5AI score
Exploits0
Rows per page
Query Builder