Lucene search
K

35 matches found

Vulnrichment
Vulnrichment
added 2025/01/14 12:0 a.m.10 views

CVE-2025-23018

IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...

5.4CVSS6.5AI score0.0101EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2023/11/13 12:0 a.m.556 views

EnBw SENEC Legacy Storage Box Exposed Interface

Advisory ID: Ph0s-2023-005 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints Risk Level:...

7.4AI score0.01077EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.6 views

PT-2023-13541 · Lenovo · Lcfc Bios

Name of the Vulnerable Software and Affected Versions: LCFC BIOS affected versions not specified Description: A potential issue was discovered in LCFC BIOS for some Lenovo consumer notebook models. This could allow a local attacker with elevated privileges to cause some peripherals to work...

6.7CVSS6.3AI score0.0017EPSS
Exploits0References3
Prion
Prion
added 2023/06/13 9:15 a.m.21 views

Default credentials

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to...

4.6CVSS6.6AI score0.00394EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.6 views

GL.iNet devices 安全漏洞

GL.iNet devices are a series of hardware devices from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet devices prior to version 3.216, which stems from an API endpoint displaying information about the Wi-Fi configuration, including the SSID and key...

7.5CVSS7.8AI score0.29699EPSS
Exploits1References4
Prion
Prion
added 2022/11/16 11:15 p.m.17 views

Design/Logic Flaw

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal communications interface, it is possible to execute arbitrary system commands on the server...

7.5CVSS9.7AI score0.00949EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/16 12:0 a.m.4 views

CVE-2022-44000

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal communications interface, it is possible to execute arbitrary system commands on the server...

7.7AI score0.00949EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/06/16 7:2 p.m.32 views

CVE-2021-34203

D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 dir-2640-us, when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify...

8.3AI score0.01631EPSS
Exploits1References2
OSV
OSV
added 2020/04/29 3:15 a.m.3 views

CVE-2019-19100

A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.4SP, . 4.6.3SP, 4.7.2 and 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface...

7.1CVSS7.2AI score
Exploits0References1
Prion
Prion
added 2020/04/29 3:15 a.m.9 views

Privilege escalation

A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.4SP, . 4.6.3SP, 4.7.2 and 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface...

3.6CVSS7AI score0.00262EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/12/28 9:29 p.m.18 views

CVE-2018-14992

The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/USPhone/ASUSX0081:7.0/NRD90M/USPhone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm versionCode=1510500200, versionName=1.5.0.40171122 has an exposed interface...

5.5CVSS5.4AI score0.00365EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/12/28 9:0 p.m.20 views

CVE-2018-14992

The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/USPhone/ASUSX0081:7.0/NRD90M/USPhone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm versionCode=1510500200, versionName=1.5.0.40171122 has an exposed interface...

5.4AI score0.00365EPSS
Exploits1References2
Prion
Prion
added 2018/06/26 6:29 p.m.21 views

Design/Logic Flaw

An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface...

10CVSS9.3AI score0.79752EPSS
Exploits4References4Affected Software390
OSV
OSV
added 2018/06/26 6:29 p.m.4 views

CVE-2018-10662

An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface...

9.8CVSS5.8AI score0.79752EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2018/06/26 12:0 a.m.66 views

CVE-2018-10662

An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

10CVSS7AI score0.79752EPSS
In wildExploits4References5
Rows per page
Query Builder