CVE-2020-18329

An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface...

CVE-2021-27782

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...

CVE-2022-27583

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

CVE-2022-27583

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

Design/Logic Flaw

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

SICK Flexi Compact 安全漏洞

SICK Flexi Compact is a safety controller from SICK Germany. A security vulnerability exists in the SICK Flexi Compact FLX3-CPUC1 and FLX3-CPUC2, which arises from a remote, unprivileged attacker being able to interact with the running configuration interface thereby potentially affecting the...

CVE-2022-27583

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact...

CVE-2022-27583

CVE-2022-27583 concerns a vulnerability in the configuration interface of SICK FlexiCompact FLX3-CPUC1 and FLX3-CPUC2. The available documents indicate a remote, unprivileged attacker could interact with the affected firmware’s configuration interface and potentially impact the FlexiCompact’s ava...

CVE-2022-30521

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters...

CVE-2022-29880

A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the...

Input validation

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850...

Siemens SICAM T 跨站脚本漏洞

The SICAM P850 Multifunctional Measurement Device is used to collect, visualize, evaluate and transmit electrical measurement variables such as AC current, AC voltage, frequency, power, harmonics, etc. The SICAM P855 Multifunctional Device is used to collect, display and transmit measured...

Siemens SICAM P850 and SICAM P855 Devices Cross-Site Scripting Vulnerability (CNVD-2022-36391)

The SICAM P850 Multifunctional Measurement Device is used to collect, visualize, evaluate and transmit electrical measurement variables such as AC current, AC voltage, frequency, power, harmonics, etc. The SICAM P855 Multifunctional Device is used to collect, display and transmit measured...

CVE-2022-29880

CVE-2022-29880 affects Siemens SICAM devices (e.g., SICAM T <3.0; SICAM P850/P855

PT-2022-19090 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 b20191024 Description: A command injection issue is found in the setWiFiWpsCfg interface, allowing an attacker to execute arbitrary commands through a carefully constructed payload. Recommendations: For...

PT-2022-17154 · Phicomm · K2 Firmware +1

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided. Description: The issue concerns improper access control on the LocalMACConfig.asp interface. This allows an unauthenticated remote attacker to modify a list of banned hosts by adding or...

How MikroTik Routers Became a Cybercriminal Target

The routers leveraged by the Mēris botnet in a massive distributed denial-of-service DDoS attack against Russia’s internet giant Yandex have also been the unwitting platform for numerous cyberattacks, researchers have found. This is due to a persistent vulnerable state that’s difficult for...

Auerswald COMfortel 1400和2600 IP 授权问题漏洞

The Auerswald Comfortel 1400 Ip is an Ip phone from Auerswald Germany. A security vulnerability exists in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desk phones. The vulnerability allows access to configuration data and settings in the web-based...

FreeBSD : FreeBSD -- double free in accept_filter(9) socket configuration interface (f8e1e2a6-9791-11eb-b87a-901b0ef719ab)

An unprivileged process can configure an accept filter on a listening socket. This is done using the setsockopt2 system call. The process supplies the name of the accept filter which is to be attached to the socket, as well as a string containing filter-specific information. If the filter...

CVE-2020-27290

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an information disclosure vulnerability in the ventilator allows attackers with physical access to the configuration interface's logs to get valid checksums for tampered configuration files...