CVE-2024-43392

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWINCOMING.FROMIP FWINCOMING.INIP FWOUTGOING.FROMIP FWOUTGOING.INIP environment variable which can lead to a DoS...

CVE-2024-43389

A low privileged remote attacker can perform configuration changes of the ospf service through OSPFINTERFACE.SIMPLEKEY, OSPFINTERFACE.DIGESTKEY environment variables which can lead to a DoS...

CVE-2024-43391

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWPORTFORWARDING.SRCIP environment variable which can lead to a DoS...

CVE-2024-43393 Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWINCOMING.FROMIP FWINCOMING.INIP FWOUTGOING.FROMIP FWOUTGOING.INIP FWRULESETS.FROMIP FWRULESETS.INIP environment...

CVE-2024-43393

CVE-2024-43393 affects Phoenix Contact MGUARD (FL/TC MGUARD) devices. A low-privileged remote attacker can alter firewall configuration (packet filtering/forwarding, NAC, NAT) via the environment variables FW_INCOMING.FROM_IP, FW_INCOMING.IN_IP, FW_OUTGOING.FROM_IP, FW_OUTGOING.IN_IP, FW_RULESETS...

CVE-2024-43391

CVE-2024-43391 describes a DoS affecting Phoenix Contact FL/TC MGUARD devices. A low-privileged remote attacker can trigger configuration changes of firewall services by manipulating the FW_PORTFORWARDING.SRC_IP environment variable, potentially impacting packet filtering, forwarding, network acc...

CVE-2024-43390 Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FWNAT.INIP environment variable which can lead to a DoS...

CVE-2024-43390 Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FWNAT.INIP environment variable which can lead to a DoS...

CVE-2024-43389

CVE-2024-43389 affects Phoenix Contact FL/TC MGUARD devices (routers). The vulnerability arises from improper input validation that allows a low-privilege, remote attacker to reconfigure OSPF via OSPF_INTERFACE.SIMPLE_KEY and OSPF_INTERFACE.DIGEST_KEY environment variables, leading to a denial of...

PT-2024-30549

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description A low privileged remote attacker can perform configuration changes of the ospf service through OSPF INTERFACE.SIMPLE KEY and OSPF INTERFACE.DIGEST KEY...

Huawei Datacard Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule /./i, 'Serial Number' = /./i, 'IMEI' = /./i, 'IMSI' = /./i, 'ICCID' = /./i, 'Hardware Version' = /./i, 'Software Version' = /./i,...

2Wire Cross-Site Request Forgery Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "2Wire Cross-Site Request Forgery Password Reset Vulnerability", 'Description' = %q This module will reset the admin password on a 2Wire wireless...

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

CVE-2023-20198 Exploit PoC for CVE-2023-20198 Description...

Qualys Announces TruRisk Eliminate to Augment Patching

About 5 years ago, we launched Qualys Patch Management to empower our customers to not just detect and prioritize vulnerabilities but also effectively remediate them. Since then, we have assisted our customers in addressing hundreds of millions of vulnerabilities, significantly enhancing the...

How to Improve the Log on Performance in StoreFront

This article details configuration changes that might improve the log on and application enumeration performance in StoreFront...

ZTE ZXCLOUD iRAI Security Vulnerability

ZTE ZXCLOUD iRAI is a virtualization device from ZTE Corporation ZTE, China. A security vulnerability exists in ZTE ZXCLOUD iRAI V7.23.31 and earlier versions, which stems from the presence of a privilege and access control vulnerability that allows an attacker to elevate non-administrator...

PT-2024-19176 · Unknown · Zxcloud Irai

Name of the Vulnerable Software and Affected Versions: ZXCLOUD IRAI affected versions not specified Description: The issue concerns a permissions and access control vulnerability. An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration...

CVE-2024-35116

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335...

CVE-2024-35116

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335...

CVE-2024-35116 IBM MQ denial of service

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335...