862 matches found
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
Design/Logic Flaw
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48166
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
WAVLINK WL-WN530HG4 安全漏洞
WAVLINK WL-WN530HG4 is a wireless network signal extender from China RuiYin Technology WAVLINK. A security vulnerability exists in the WAVLINK WL-WN530HG4 M30HG4.V5030.201217 version, which stems from an access control issue that allows an unauthenticated attacker to download configuration data a...
WAVLINK WL-WN533A8 安全漏洞
WAVLINK WL-WN533A8 is a router from China's RuiYin Technology WAVLINK. The WAVLINK WL-WN533A8 suffers from an Access Control Issue vulnerability that originates from improper access control in the component /cgi-bin/ExportLogs.sh, which can be exploited by an attacker to download configuration da...
CVE-2022-48166
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
Design/Logic Flaw
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48165
CVE-2022-48165 affects Wavlink WL-WN530H4 M30H4.V5030.210121; the vulnerable component is /cgi-bin/ExportLogs.sh, enabling unauthenticated access to download configuration data, log files, and admin credentials. The Connected documents corroborate improper access control and potential for unautho...
WAVLINK WL-WN530H4 安全漏洞
WAVLINK WL-WN530H4 is a router from China RuiYin Technology WAVLINK. A security vulnerability exists in WAVLINK WL-WN530H4 M30H4.V5030.210121 version, which originates from an access control issue in the component /cgi-bin/ExportLogs.sh, and can be exploited by an attacker to download configurati...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox
Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. --- ANY.RUN's top...
libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password
A flaw was found in LibreOffice, where the required initialization vector for encryption was always the same. Stored passwords are encrypted with a single master key provided by the user. This issue weakens the security of the encryption, making them vulnerable if an attacker has access to the...
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA...
Sophos Firewall SQL注入漏洞
Sophos Firewall is a firewall from Sophos UK. A SQL injection vulnerability exists in versions prior to Sophos Firewall 19.5GA that allows an API client to read the contents of its user's configuration database via SQL injection...
WAVLINK WN531G3 Access Control Error Vulnerability
The WAVLINK WN531G3 is a wireless router from China's RuiYin Technology WAVLINK. The WAVLINK WN531G3 M31G3.V5030.201204 version and M31G3.V5030.200325 version contain an access control error vulnerability that can be exploited by an attacker to download configuration data and log files...