1380 matches found

Positive Technologies
added 2023/07/06 12:0 a.m. · 4 views

PT-2023-5078 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...

CVSS 8.3 · AI score 7.5 · EPSS 0.01318
Exploits: 1 · References: 6

Positive Technologies
added 2023/07/06 12:0 a.m. · 7 views

PT-2023-5145 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set ike profile function of the vtysh ubus binary, due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can...

CVSS 9 · AI score 7.3 · EPSS 0.01318
Exploits: 1 · References: 6

Vulnrichment
added 2023/06/13 8:41 a.m. · 20 views

CVE-2022-42474

A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows a privileged...

CVSS 6.5 · AI score 6.8 · EPSS 0.00642
Exploits: 0 · References: 1

Vulnrichment
added 2023/06/13 8:41 a.m. · 15 views

CVE-2022-39946

An access control vulnerability CWE-284 in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp call...

CVSS 7.6 · AI score 7 · EPSS 0.00717
Exploits: 0 · References: 1

Fortinet
added 2023/06/12 12:0 a.m. · 36 views

FortiNAC - Improper access control on administrative panels

An access control vulnerability CWE-284 in FortiNAC may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests...

CVSS 5.8 · AI score 6.7 · EPSS 0.00717
Exploits: 0 · Affected Software: 1

Tenable Nessus
added 2023/06/12 12:0 a.m. · 48 views

Fortinet Fortigate Null pointer dereference in sslvnd (FG-IR-23-111)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-111 advisory. - A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2...

CVSS 7.5 · AI score 7.4 · EPSS 0.0261
Exploits: 0 · References: 2

OSV
added 2023/05/30 6:30 p.m. · 8 views

GHSA-MJ6P-3PC9-WF5M proxy denial of service vulnerability

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception...

CVSS 7.5 · AI score 7.2 · EPSS 0.01478
Exploits: 1 · References: 5

Github Security Blog
added 2023/05/30 6:30 p.m. · 20 views

proxy denial of service vulnerability

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception...

CVSS 7.5 · AI score 7.2 · EPSS 0.01478
Exploits: 1 · References: 5 · Affected Software: 1

Prion
added 2023/05/30 6:15 p.m. · 20 views

Code injection

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception...

CVSS 5 · AI score 7.4 · EPSS 0.01478
Exploits: 1 · References: 1 · Affected Software: 1

BDU FSTEC
added 2023/05/24 12:0 a.m. · 4 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a malicious actor to read arbitrary files.

The vulnerability in the web interface for managing Cisco Identity Services Engine ISE platforms relates to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor to read arbitrary files using a specially created HTTP request...

CVSS 6.1 · AI score 5.7 · EPSS 0.00399
Exploits: 0 · References: 3 · Affected Software: 1

Prion
added 2023/05/19 12:15 p.m. · 19 views

Heap overflow

A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482FW230FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462FW261DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS...

CVSS 5 · AI score 7.6 · EPSS 0.02396
Exploits: 2 · References: 2 · Affected Software: 2

Tenable Nessus
added 2023/05/19 12:0 a.m. · 17 views

Cisco Identity Services Engine 3.x < 3.2P1 Arbitrary File Download (cisco-sa-ise-file-dwnld-Srcdnkd2)

According to its self-reported version, Cisco Identity Services is affected by a vulnerability in the web-based management interface. These allow an authenticated, remote attacker to download arbitrary files from the file system of an affected device. These vulnerabilities are due to insufficient...

CVSS 6.5 · AI score 6.8 · EPSS 0.00839
Exploits: 0 · References: 3

Prion
added 2023/05/18 3:15 a.m. · 16 views

Input validation

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input validation. An attacker cou...

CVSS 4 · AI score 6.6 · EPSS 0.00839
Exploits: 0 · References: 1 · Affected Software: 1

CNVD
added 2023/05/17 12:0 a.m. · 23 views

IBM Security Verify Access Input Validation Error Vulnerability (CNVD-2023-41894)

IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. IBM Security Verify Access suffers from an input validation error vulnerability that stems from improper input validation of the application, which can be exploited by an...

CVSS 7.5 · AI score 6.5 · EPSS 0.01485
Exploits: 2 · References: 1

NVD
added 2023/05/16 3:15 p.m. · 14 views

CVE-2023-31856

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHost of TOTOLINK CP300+ V5.2cu.7594B20200910 allows attackers to execute arbitrary commands via a crafted HTTP packet...

CVSS 9.8 · AI score 9.8 · EPSS 0.02909
Exploits: 1 · References: 1

Prion
added 2023/05/12 6:15 p.m. · 25 views

Design/Logic Flaw

IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635...

CVSS 5 · AI score 7.3 · EPSS 0.01485
Exploits: 2 · References: 3 · Affected Software: 1

CNNVD
added 2023/04/24 12:0 a.m. · 5 views

Zyxel USG FLEX Security Vulnerability

Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in the Zyxel USG FLEX Series 4.50 to 5.35 firmware versions, USG FLEX 50W 4.30 to...

CVSS 7.5 · AI score 7.7 · EPSS 0.01054
Exploits: 0 · References: 2

Prion
added 2023/04/18 1:15 p.m. · 11 views

Command injection

Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request...

CVSS 7.5 · AI score 9.6 · EPSS 0.024
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2023/04/18 12:0 a.m. · 19 views

CVE-2022-46640

Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request...

AI score 9.8 · EPSS 0.024
Exploits: 0 · References: 2

Vulnrichment
added 2023/04/14 12:0 a.m. · 9 views

CVE-2023-26559

A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...

AI score 6.7 · EPSS 0.01013
Exploits: 0 · References: 2