Lucene search
+L

168 matches found

ATTACKERKB
ATTACKERKB
added 2022/11/22 12:0 a.m.35 views

CVE-2022-40765

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters. Recent assessments: Assessed Attacker Value...

6.8CVSS5.5AI score0.10481EPSS
In wildExploits0References3
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.52 views

CVE-2022-40765

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...

6.6AI score0.10481EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.5 views

PT-2022-25525 · Mitel · Mitel Mivoice Connect

Name of the Vulnerable Software and Affected Versions: Mitel MiVoice Connect versions through 19.3 22.22.6100.0 Description: A vulnerability in the Edge Gateway component could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient...

6.8CVSS6.6AI score0.10481EPSS
Exploits0References7
NCSC
NCSC
added 2022/10/14 12:0 a.m.4 views

Vulnerabilities fixed in Mitel MiVoice Connect

Vulnerabilities have been fixed in the Director and Mitel Edge Gateway components Mitel MiVoice Connect. The vulnerability with reference CVE-2022-40765 allows an authenticated malicious person with access to the internal network able to inject rogue commands with administrator privileges within...

6.8CVSS8AI score0.10571EPSS
Exploits0
NVD
NVD
added 2022/08/31 8:15 p.m.16 views

CVE-2022-34383

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

8.2CVSS0.00464EPSS
Exploits0References1
OSV
OSV
added 2022/08/31 8:15 p.m.4 views

CVE-2022-34383

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

8.2CVSS6.2AI score0.00464EPSS
Exploits0References1
Prion
Prion
added 2022/08/31 8:15 p.m.14 views

Command injection

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

4CVSS8.7AI score0.00464EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/31 8:5 p.m.19 views

CVE-2022-34383

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

8.1CVSS8.9AI score0.00464EPSS
Exploits0References1
CVE
CVE
added 2022/08/31 8:5 p.m.53 views

CVE-2022-34383

CVE-2022-34383 affects Dell Edge Gateway 5200 (EGW) before 1.03.10. A local attacker can trigger an operating system command injection by using a System Management Interrupt (SMI) to bypass PMC and gain arbitrary code execution during System Management Mode (SMM). Public records corroborate the a...

8.2CVSS8.6AI score0.00464EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.5 views

Dell Edge Gateway 操作系统命令注入漏洞

Dell Edge Gateway is a series of intelligent gateway devices from Dell, Inc. It is designed to aggregate, protect, analyze and relay data from various sensors and devices at the edge of the network. A security vulnerability exists in Dell Edge Gateway 5200 EGW versions prior to 1.03.10, which can...

8.2CVSS7.5AI score0.00464EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/31 12:0 a.m.6 views

PT-2022-22156 · Dell · Dell Edge Gateway 5200

Name of the Vulnerable Software and Affected Versions: Dell Edge Gateway 5200 EGW versions prior to 1.03.10 Description: The issue allows a local malicious user to potentially exploit an operating system command injection vulnerability. This can be done by using a System Management Interrupt SMI ...

8.2CVSS8.7AI score0.00464EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/24 12:0 a.m.2 views

CVE-2022-34383

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

8.2CVSS6.5AI score0.00464EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.22 views

Red Lion DA50N 安全漏洞

The Red Lion DA50N is a series of secure edge network gateways from Red Lion, U.S.A. A security vulnerability exists in the Red Lion DA50N that could be exploited by an attacker to elevate to root access using the su command...

10CVSS8.3AI score0.01172EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.112 views

F5 BIG-IP Edge Client Windows 7.2.1 < 7.2.1.3 / 7.1.6 < 7.1.9.9 Update 1 DLL Hijacking (K33757590)

The version of the Big-IP Edge Client Windows Component Installer installed on the remote Windows host is 7.2.1 before 7.2.1.3, or between 7.1.6 and 7.1.9.9 Update 1. It is, therefore, affected by a DLL hijacking vulnerability. A local attacker can exploit this using a malicious DLL to gain...

7.8CVSS7.4AI score0.003EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/21 12:0 a.m.11 views

Command Execution Vulnerability in Intelligent Edge Gateway of China Mobile Communications Corporation Ltd.

China Mobile Communications Corporation CMCC, the largest mobile communications operator in China, specializes in mobile voice, data, IP telephony and multimedia services. A command execution vulnerability exists in the Smart Edge Gateway of China Mobile Communications Corporation, which can be...

7.9AI score
Exploits0
CNVD
CNVD
added 2021/06/04 12:0 a.m.36 views

F5 BIG-IP Edge Gateway Elevation of Privilege Vulnerability

F5 BIG-IP Edge Gateway is a remote access solution from F5 USA. An elevation of privilege vulnerability exists in F5 BIG-IP Edge Gateway, which stems from a faulty program call to an advanced native procedure, where a non-privileged user uses a malicious DLL to elevate power on a client Windows...

7.8CVSS4AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/02 12:0 a.m.5 views

F5 BIG-IP Edge Gateway代码问题漏洞

F5 BIG-IP Edge Gateway is a remote access solution from F5 USA. An elevation of privilege vulnerability exists in F5 BIG-IP Edge Gateway, which stems from a faulty program call to an advanced native procedure, where a non-privileged user uses a malicious DLL to elevate power on a client Windows...

7.8CVSS5.7AI score0.003EPSS
Exploits0References3
NVD
NVD
added 2020/04/30 10:15 p.m.34 views

CVE-2020-5892

In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory...

6.7CVSS6.4AI score0.00306EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/03/31 12:0 a.m.34 views

F5 Networks BIG-IP : ImageMagick vulnerability (K03512441)

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM,Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned.If exploited, this vulnerability may result ...

7.8CVSS7.1AI score0.01457EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/03/31 12:0 a.m.40 views

F5 Networks BIG-IP : ImageMagick vulnerability (K20336394)

ImageMagick before 7.0.8-50 has a 'use of uninitialized value' vulnerability in the function ReadCUTImage in coders/cut.c. CVE-2019-13135 Impact BIG-IP AAM,Edge Gateway, and WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited, this vulnerabilitymay...

8.8CVSS7.1AI score0.03291EPSS
Exploits0References2
Rows per page
Query Builder