Lucene search
+L

15 matches found

attackerkb
attackerkb
added 2026/06/15 4:30 a.m.2 views

CVE-2026-12219

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5Affected Software1
redhatcve
redhatcve
added 2025/10/15 3:47 p.m.5 views

CVE-2025-31514

A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all...

4.3CVSS5.4AI score0.00334EPSS
Exploits0References1
euvd
euvd
added 2025/10/14 6:30 p.m.5 views

EUVD-2025-34228

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

2.7CVSS6AI score0.00334EPSS
Exploits0References2
nvd
nvd
added 2025/10/14 4:15 p.m.25 views

CVE-2025-31514

A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all...

4.3CVSS0.00334EPSS
Exploits0References2
osv
osv
added 2025/10/14 4:15 p.m.2 views

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

4.3CVSS5.8AI score0.00334EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/14 3:23 p.m.12 views

CVE-2025-31514

A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all...

2.7CVSS0.00334EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/14 3:23 p.m.3 views

CVE-2025-31514

A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all...

2.7CVSS6.1AI score0.00334EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/10/14 12:0 a.m.10 views

PT-2025-41952

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.4 through 7.0, 7.2, 7.4, and 7.6.0 through 7.6.3 Description An issue exists where sensitive two-factor authentication 2FA related information may be exposed. An attacker with read-only privileges could potentially retrieve...

2.7CVSS6.5AI score0.00334EPSS
Exploits0References3
nessus
nessus
added 2025/10/14 12:0 a.m.6 views

Fortinet Fortigate Insertion of Sensitive 2FA Information in logs and debug command (FG-IR-24-452)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-452 advisory. - A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all...

4.3CVSS5.5AI score0.00334EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-10943

Malware in sbrugna...

9CVSS8.7AI score0.0075EPSS
Exploits0References2
osv
osv
added 2023/06/13 9:15 a.m.6 views

CVE-2022-41327

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

4.4CVSS5.8AI score0.00126EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2022/06/26 12:0 a.m.6 views

PT-2022-3467 · Watchguard · Watchguard Fireware

Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions prior to 12.1.4 WatchGuard Fireware OS versions prior to 12.5.10 WatchGuard Fireware OS versions prior to 12.8.1 Description: An argument injection issue in the diagnose and import pac commands allows an...

7.8CVSS7.8AI score0.01242EPSS
Exploits2References9
rapid7blog
rapid7blog
added 2022/06/23 10:39 p.m.217 views

CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed)

A remote and low-privileged WatchGuard Firebox or XTM user can read arbitrary system files when using the SSH interface due to an argument injection vulnerability affecting the diagnose command. Additionally, a remote and highly privileged user can write arbitrary system files when using the SSH...

7.8CVSS0.6AI score0.78303EPSS
Exploits9
nvd
nvd
added 2021/06/03 3:15 p.m.26 views

CVE-2021-24023

An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command...

9CVSS0.0075EPSS
Exploits0References1
osv
osv
added 2021/06/03 3:15 p.m.6 views

CVE-2021-24023

An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References1
Rows per page
Query Builder