96 matches found
CVE-2024-46873
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...
CVE-2024-47864
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down...
CVE-2024-47864
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down...
CVE-2024-47864
The CVE-2024-47864 issue affects Sharp home 5G HR02, Wi‑Fi STATION SH‑52B, and SH‑54C. It is a buffer overflow in the hidden debug function that can cause the product’s web console to go down. Evidence across multiple sources confirms the affected models and the vulnerability class, but explicit ...
CVE-2024-46873
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...
CVE-2024-46873
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...
CVE-2024-46873
CVE-2024-46873 concerns SHARP routers (SH-05L, SH-52B, SH-54C, HR02). The root cause is a hidden debug function that, when enabled, allows a remote unauthenticated attacker to execute arbitrary OS commands with root privileges. Public docs confirm this vulnerability alongside other SHARP router C...
PT-2024-32856 · Unknown · Home 5G Hr02 +2
Name of the Vulnerable Software and Affected Versions: home 5G HR02 affected versions not specified Wi-Fi STATION SH-52B affected versions not specified Wi-Fi STATION SH-54C affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the hidden debug...
Multiple vulnerabilities in SHARP routers
Overview SHARP routers contain multiple vulnerabilities listed below. OS command injection vulnerability in the HOST name configuration screen CWE-78 - CVE-2024-45721 The hidden debug function is enabled CWE-489 - CVE-2024-46873 Buffer overflow vulnerability in the hidden debug function CWE-120 -...
CVE-2022-20648
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of confidential information that should be restricted. This vulnerability exists because of a debug service that...
The vulnerability of the cs_dsp_dbg() function (located in the drivers/firmware/cirrus/cs_dsp.c file of the Linux kernel) allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the csdspdbg function located in the drivers/firmware/cirrus/csdsp.c file of the Linux kernel is related to the occurrence of operations outside the buffer boundaries in memory when processing the wmfw header. Exploitation of this vulnerability could allow an attacker to...
Dahua Security Cameras Improper Authentication (CVE-2017-9316)
Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device...
Dahua Security Cameras Incorrect Default Permissions (CVE-2019-9679)
Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC- HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build ti...
CVE-2024-36475
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...
CVE-2024-36475
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...
PT-2024-27018 · Futurenet · Futurenet Nxr Series
Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series affected versions not specified Description: The issue concerns an active debug code vulnerability. If a user with knowledge of the debug function logs in, they may utilize the debug function to...
CVE-2024-40915
A flaw was found in the kernelmappages function in RISC-V in the Linux Kernel, which is incorrectly designed to sleep in atomic contexts. This function cleared the valid bit in page table entries for deallocated pages to detect illegal memory accesses, but it utilized setmemory, which acquires a...
CVE-2024-40915
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...
UBUNTU-CVE-2024-40915
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...
CVE-2024-40915 riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...