CVE-2017-2126

WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors...

CVE-2017-2126

WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors...

FreePBX 13.0.35 remote code execution

A vulnerability overview 1. Vulnerability description FreePBX is called the Asterisk Management Portal, IP telephony tools Asterisk standardized implementation that provides a Web configuration interface and other workers FreePBX in functions.inc.php file exists for the parameters without...

Snom SIP Phone Denial Of Service

Snom SIP phones www.snom.com have a builtin HTTP/HTTPS configuration interface, which is enabled by default. By making a single HTTP POST request all available memory and CPU can be exhausted, resulting in a reboot of the phone. This even works if the HTTP/HTTPS interface is protected by username...

Cisco Catalyst 3500 XL Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1846/info A vulnerability exists in the webserver configuration interface which will allow an anonymous user to execute commands. A http request which includes /exec and a known filename will reveal the contents of the...

SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service...

FireEye Web MPS GUI Detection

The remote web server is the FireEye Web Malware Protection System MPS GUI, which provides a web-based configuration interface for a FireEye Web MPS appliance. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid70295; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/25";...

RedHat Update for kernel RHSA-2011:1189-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:1189-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

FreePBX 2.10.0, 2.9.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Product: FreePBX Version: 2.10.0, 2.9.0 and perhaps earlier versions Type: Remote Command Execution, XSS Release Date: March 14, 2012 Vendor Notification Date: Jun 12, 2011 Author: Martin Tschirsich Overview: A remote command execution...

Directory traversal

Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. dot dot in the usersnum parameter to admin/config.php, as...

CVE-2010-3490

CVE-2010-3490 affects FreePBX

CVE-2010-3490

Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. dot dot in the usersnum parameter to admin/config.php, as...

Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities

Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/35066/info Novell GroupWise WebAccess is prone to multiple security vulnerabilities. An attacker may leverage these issues to bypass certain security restrictions or conduct cross-site scripting...

[SA20431] TIBCO Hawk "tibhawkhma" Privilege Escalation Vulnerability

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

TIBCO Hawk Monitoring Agent vulnerable to buffer overflow via the configuration interface

Overview A vulnerability in the TIBCO Hawk Monitoring Agent configuration interface may allow a local attacker to execute arbitrary code with elevated privileges. Description TIBCO Hawk is a tool for monitoring and managing distributed applications and systems throughout an enterprise. A buffer...

Cisco VG248 login password is blank

The remote host is a Cisco VG248 with a blank password. SPDX-FileCopyrightText: 2005 Rick McCloskey Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Cisco VG248 with a blank password nas...

MERCUR Mailserver buffer overflow

Buffer overflow in configuration interface TCP/32000 access verification. Multiple overflows in IMAP, POP3, SNTP protocol...

Cisco VG248 Unpassworded Account

The remote host is a Cisco VG248 with a blank password. The Cisco VG248 does not have a password set and allows direct access to the configuration interface. An attacker could telnet to the Cisco unit and reconfigure it to lock the owner out as well as completely disable the phone system. Cisco...

SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)

// source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service to legitimate users of a...

SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)

source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service to legitimate users of a vulnerab...