Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:31 a.m.4 views

CVE-2024-36441

Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...

5.4CVSS7.3AI score0.00337EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.4 views

CVE-2024-36445

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...

9.8CVSS5.9AI score0.00977EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:29 a.m.5 views

CVE-2024-36444

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...

8.1CVSS8.3AI score0.00514EPSS
Exploits1References1
NVD
NVD
added 2024/08/22 4:15 p.m.9 views

CVE-2024-36441

Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...

5.4CVSS0.00337EPSS
Exploits1References3
NVD
NVD
added 2024/08/22 3:15 p.m.7 views

CVE-2024-36442

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...

8.8CVSS0.00737EPSS
Exploits1References3
NVD
NVD
added 2024/08/22 3:15 p.m.6 views

CVE-2024-36444

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...

8.1CVSS0.00514EPSS
Exploits1References3
NVD
NVD
added 2024/08/22 3:15 p.m.8 views

CVE-2024-36440

An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...

6.8CVSS0.00292EPSS
Exploits1References3
NVD
NVD
added 2024/08/22 3:15 p.m.10 views

CVE-2024-36439

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password...

9.4CVSS0.0088EPSS
Exploits1References5
NVD
NVD
added 2024/08/22 2:15 p.m.14 views

CVE-2024-36443

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP...

7.6CVSS0.0061EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/08/22 12:0 a.m.9 views

CVE-2024-36440

An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...

7AI score0.00292EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/22 12:0 a.m.13 views

CVE-2024-36442

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...

7.1AI score0.00737EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/22 12:0 a.m.15 views

CVE-2024-36441

Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...

0.00337EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.3 views

PT-2024-27004 · Swissphone · Swissphone Dical-Red 4009

Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows an unauthenticated attacker to gain access to device logs through the cgi-bin/fdmcgiwebv2.cgi endpoint on Swissphone DiCal-RED 4009 devices...

8.1CVSS7AI score0.00514EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.8 views

PT-2024-27005 · Swissphone · Swissphone Dical-Red 4009

Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows a remote attacker to gain a root shell via TELNET without authentication. Recommendations: At the moment, there is no information about a newer...

9.8CVSS7.4AI score0.00977EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/08/22 12:0 a.m.10 views

CVE-2024-36444

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...

7.3AI score0.00514EPSS
Exploits1References2
CVE
CVE
added 2024/08/22 12:0 a.m.46 views

CVE-2024-36445

CVE-2024-36445 affects Swissphone DiCal-RED 4009 devices, where an unauthenticated TELNET access path permits a remote attacker to obtain a root shell. The advisory and linked sources describe a missing-authentication vulnerability (CWE-306) in the DiCal-RED 4009 module, with the CVSSv3.1 vector ...

9.8CVSS7.4AI score0.00977EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.9 views

PT-2024-27003 · Swissphone · Swissphone Dical-Red 4009

Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 version not specified Description: The issue allows a remote attacker to gain read access to almost the whole file system via anonymous FTP. This could potentially expose sensitive data. There is no information...

7.6CVSS7.2AI score0.0061EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.3 views

PT-2024-27002 · Swissphone · Swissphone Dical-Red 4009

Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 affected versions not specified Description: The issue allows an authenticated attacker to gain access to arbitrary files on the device's file system through the cgi-bin/fdmcgiwebv2.cgi endpoint. Recommendations: At...

8.8CVSS6.8AI score0.00737EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/08/22 12:0 a.m.9 views

CVE-2024-36443

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP...

0.0061EPSS
Exploits1References2
CVE
CVE
added 2024/08/22 12:0 a.m.39 views

CVE-2024-36441

CVE-2024-36441 affects Swissphone DiCal-RED 4009 devices. An unauthenticated actor can connect to TCP port 2101 and gain access to operation messages received by the device. The Red Hat advisory and PacketStorm entries corroborate this information. No specific exploit details, affected versions b...

5.4CVSS7AI score0.00337EPSS
Exploits1References3
Rows per page
Query Builder