Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-3523

Malware in sbrugna...

4.3CVSS6.2AI score0.01634EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4631

Malware in sbrugna...

10CVSS6.4AI score0.03621EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 11:31 a.m.9 views

CVE-2013-3589

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

4.3CVSS6AI score0.01634EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.28 views

Dell iDRAC6 Command Injection (CVE-2018-1212)

The web-based diagnostics console in Dell EMC iDRAC6 Monolithic versions prior to 2.91 and Modular all versions contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute...

9CVSS8.4AI score0.04335EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.22 views

Dell iDRAC6 Cross-site Scripting (CVE-2013-3589)

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter. This...

4.3CVSS5.6AI score0.01634EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.12 views

Dell iDRAC6 CLP Interface Modification (CVE-2013-4785)

iDRAC 6 firmware 1.7, and possibly other versions, allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. This plugin only works with Tenable.ot. Please visit...

10CVSS5.9AI score0.03621EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.22 views

Dell iDRAC6 Improper Authentication (CVE-2013-4783)

The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 aka cipher zero and an arbitrary password. NOTE: the vendor disputes the...

10CVSS6AI score0.03384EPSS
Exploits0References8
OSV
OSV
added 2018/07/02 5:29 p.m.4 views

CVE-2018-1212

The web-based diagnostics console in Dell EMC iDRAC6 Monolithic versions prior to 2.91 and Modular all versions contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute...

8.8CVSS6.1AI score0.04335EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/18 12:0 a.m.3 views

Dell iDRAC6 Arbitrary Command Execution Vulnerability

Dell iDRAC6 is a remote management solution on the Dell PowerEdge family of servers. An arbitrary command execution vulnerability exists in Dell iDRAC6. An attacker could exploit the vulnerability to execute arbitrary commands in the context of an affected application...

8.8CVSS7.8AI score0.0198EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/01/21 12:0 a.m.54 views

Dell iDRAC Weak SessionID Vulnerability (IPMI Protocol) - Active Check

Intelligent Platform Management Interface IPMI v1.5 SessionID SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

5CVSS6.4AI score0.21152EPSS
Exploits6References5
Prion
Prion
added 2014/12/19 11:59 a.m.21 views

Command injection

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack...

5CVSS7.9AI score0.21152EPSS
Exploits6References3Affected Software4
Cvelist
Cvelist
added 2014/12/19 11:0 a.m.29 views

CVE-2014-8272

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack...

7.4AI score0.21152EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2013/11/27 12:0 a.m.98 views

IPMI Cipher Suite 0 (Cipher Zero) Authentication Bypass Vulnerability (IPMI Protocol)

Intelligent Platform Management Interface IPMI services are prone to an authentication bypass vulnerability through the use of cipher suite 0 aka cipher zero. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.8AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/10/13 12:0 a.m.114 views

Dell iDRAC6 / iDRAC7 Login Page 'ErrorMsg' Parameter XSS

The remote Dell Remote Access Controller iDRAC6 / iDRAC7 is affected by a cross-site scripting vulnerability in the login page due to improper sanitization of user-supplied input to the 'ErrorMsg' parameter. An attacker can exploit this to inject arbitrary HTML and script code into a user's brows...

4.3CVSS5.7AI score0.01634EPSS
Exploits0References2
NVD
NVD
added 2013/09/24 10:35 a.m.27 views

CVE-2013-3589

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

4.3CVSS5.8AI score0.01634EPSS
Exploits0References2
Prion
Prion
added 2013/09/24 10:35 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

4.3CVSS6.3AI score0.01634EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2013/09/24 10:0 a.m.29 views

CVE-2013-3589

Cross-site scripting XSS vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

5.7AI score0.01634EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/16 12:0 a.m.200 views

Dell iDRAC6 Multiple Vulnerabilities

The remote Dell Integrated Remote Access Controller 6 iDRAC6 is affected by the following vulnerabilities : - A flaw exists in the testurls.html page that allows a remote attacker to authenticate as root. A remote attacker can exploit this to enable root user access over SSH, telnet, and other...

10CVSS5.7AI score0.03621EPSS
Exploits0References4
NVD
NVD
added 2013/07/08 10:55 p.m.22 views

CVE-2013-4785

The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the vendor disputes the significance of this issu...

10CVSS7.1AI score0.03621EPSS
Exploits0References3
Prion
Prion
added 2013/07/08 10:55 p.m.8 views

Design/Logic Flaw

The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the vendor disputes the significance of this issu...

10CVSS7.7AI score0.03621EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder