4651 matches found
Input validation
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
CVE-2020-25758
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
Plum Ik-401 Security Issue Vulnerability
The Plum Ik-401 is a 4G modem/router from Plum Germany for use in industrial environments. A security vulnerability exists in Plum IK-401 versions prior to 1.02, which can be exploited by an attacker accessing the device over the network to obtain a configuration file, including hashed credential...
The vulnerability of the microprogramming software of the modular controller for automation of transformer substations—Schneider Electric Easergy T300 module SC150—is related to incorrect user authentication. This vulnerability allows an intruder to view and modify the device configuration file.
The vulnerability of the microprogramming software of the modular controller for automation of transformer substations in Schneider Electric Easergy T300 RTU devices is related to incorrect user authentication. Exploiting this vulnerability allows a malicious actor to remotely view and modify the...
Remote Code Execution
awstats is vulnerable to remote code execution. The vulnerability exists because cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format...
DEBIAN-CVE-2020-35176
In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname omitting the initial /etc, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600...
AZL-44679 CVE-2020-7788 affecting package js-jquery 3.5.0-4
This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
Cross-site request forgery (CSRF)
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
Plum Ik-401 Access Control Error Vulnerability
The Plum Ik-401 is a 4G modem/router from Plum Germany for use in industrial environments. A security vulnerability exists in Plum IK-401 versions prior to 1.02, which can be exploited by an attacker accessing the device over the network to obtain a configuration file, including hashed credential...
DEBIAN-CVE-2020-29600
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501...
Inclusion of Sensitive Information in Log Files
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials...
Information Disclosure
ntlmaps is vulnerable to information disclosure. The vulnerability exists because the library sets world-readable permissions for the configuration file, allowing a malicious user to obtain the username and password...
Arbitrary Code Execution
Open Racing Car Simulator TORCS is vulnerable to arbitrary code execution. A remote attacker could inject and execute arbitrary code via a long file name in an engine sample attribute in an XML configuration file...
USN-4651-1 mysql-8.0 vulnerabilities
Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin was listening to all network interfaces by default, contrary to expectations. This update changes the default MySQL configuration to bind the MySQL X Plugin to localhost only. This change may impact environments where the...
CVE-2020-29138
Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running...
CVE-2020-29138
Technical details such as affected firmware versions, root-cause specifics, and exploitation information are not publicly provided in the supplied documents. Monitor for updates from vendors and official advisories.
phpMyAdmin 4.0.x < 4.0.10.10 / 4.2.x < 4.2.13.3 / 4.3.x < 4.3.13.1 / 4.4.x < 4.4.6.1 Multiple Vulnerabilities (PMASA-2015-2, PMASA-2015-3)
According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.10, 4.2.x prior to 4.2.13.3, 4.3.x prior to 4.3.13.1, or 4.4.x prior to 4.4.6.1. It is, therefore, affected by multiple vulnerabilities. - Multiple cross-site request forger...
Improper access control
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a...
CVE-2020-28331
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a...