CVE-2021-22652

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. Recent assessments: wvu-r7 at February 11, 2021 11:19pm UTC reported: The patch adds authenticatio...

Unauthorized Access Vulnerability in ELYCN Recording and Broadcasting Platform of Zhejiang Dahua Technology Co.(CNVD-2021-15563)

DAHUA is a leading video-based intelligent IOT solution provider and operation service provider in the world. An unauthorized access vulnerability exists in the ELYCN recording and broadcasting platform of Zhejiang Dahua Technology Company Limited, which can be exploited by attackers to modify...

Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...

CVE-2021-1305

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

Authorization

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

Authorization

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

CVE-2021-1305 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

CVE-2021-1305 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

CVE-2021-1305

Cisco SD-WAN vManageAuthorization Bypass vulnerabilities allow an authenticated, remote attacker to bypass authorization via the web-based management interface and access or view sensitive information. The issue stems from insufficient authorization checks in the vManage web UI, enabling potentia...

CVE-2021-1302 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

CVE-2021-1304 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not...

PT-2021-1857 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: The issue concerns multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software. An authenticated, remote attacker could bypass...

Serious vulnerabilities fixed in Dell Wyse ThinOS

Vulnerabilities have been fixed in Dell Wyse ThinOS. A malicious person with access to a local FTP server could exploit the vulnerabilities to obtain sensitive information. The malicious party, by accessing this information and the ability to modify configuration files, the entire system. Dell ha...

Lantronix XPort EDGE Web Manager CSRF vulnerability

Summary An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Test...

Cross site request forgery (csrf)

Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration...

Cisco SD-WAN vManage Software Authorization Bypass (cisco-sa-vmanuafw-ZHkdGGEy)

According to its self-reported version, Cisco SD-WAN vManage is affected by an authentication bypass vulnerability in its web-based management interface due to insufficient authorization checks. An authenticated, remote attacker can exploit this, by sending specially crafted HTTP requests, to...

CVE-2020-3592

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. A...

Authorization

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. A...

Unspecified Vulnerability in Cisco Firepower Management Center and Cisco Firepower Threat Defense

Cisco Firepower Management Center and Cisco Firepower Threat Defense are both products of Cisco Corporation.Cisco Firepower Management Center is a next-generation firewall management center software.Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall...