Lucene search
K

173 matches found

Check Point Advisories
Check Point Advisories
added 2015/09/16 12:0 a.m.2 views

Cisco Router SYNful Knock Implant TCP Activator

A router implant vulnerability, known as SYNful Knock has been reported in multiple Cisco routers . A successful exploitation might enable the attacker to modify the router's firmware, and thereby allow running arbitrary code, or using the server as a bot for further attacks...

3.7AI score
Exploits0
ThreatPost
ThreatPost
added 2015/09/15 9:38 a.m.12 views

Attackers Replacing Firmware on Cisco Routers

Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to...

0.8AI score
Exploits0References3
CNVD
CNVD
added 2015/07/23 12:0 a.m.3 views

Fiat Chrysler Automobiles Uconnect Remote Elevation of Privilege Vulnerability

Fiat Chrysler Automobiles Uconnect is a suite of in-car information systems from Fiat Chrysler Automobiles FCA in the United States. An unspecified vulnerability exists in Fiat Chrysler Automobiles Uconnect 15.26.1. A remote attacker on the same mobile network could exploit this vulnerability by...

8.3CVSS6.5AI score0.01768EPSS
Exploits0References1
NVD
NVD
added 2015/01/30 11:59 a.m.20 views

CVE-2014-4498

The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue...

4.7CVSS6.1AI score0.00389EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2014/05/14 12:55 a.m.4 views

CVE-2014-2046

cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to 1 obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or 2 modify the firmware via...

9.7CVSS5.6AI score0.03815EPSS
Exploits6References4
Prion
Prion
added 2014/05/14 12:55 a.m.19 views

Design/Logic Flaw

cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to 1 obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or 2 modify the firmware via...

9.7CVSS6.8AI score0.03815EPSS
Exploits6References2Affected Software2
EUVD
EUVD
added 2013/10/11 9:0 p.m.5 views

EUVD-2013-2523

cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 allows remote attackers to modify the firmware revision via a "preset" action...

7.8CVSS6.4AI score0.025EPSS
Exploits6References3
Prion
Prion
added 2009/11/10 7:30 p.m.15 views

Design/Logic Flaw

IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a 1 USB or 2 Bluetooth keyboard via unspecified vectors...

4.9CVSS6.2AI score0.00344EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2009/11/10 7:0 p.m.22 views

CVE-2009-2834

IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a 1 USB or 2 Bluetooth keyboard via unspecified vectors...

6.7AI score0.00344EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2006/01/17 8:36 a.m.8 views

security flaw

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices...

2.1CVSS5.8AI score0.00396EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/09/14 12:0 a.m.27 views

Multiple Linksys WRT54G router vulnerabilities

Buffer overflow and possibility for unauthorized configuration / firmware modification, static HTTPs key, DoS...

1.7AI score
Exploits0References5
CVE
CVE
added 2004/12/15 5:0 a.m.56 views

CVE-2004-1190

The CVE-2004-1190 issue affects SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9, where commands sent to CD devices opened read-only were not properly checked. This could permit a local attacker to perform unauthorized writes to the firmware of connected SCSI devices, potentially c...

2.1CVSS4.9AI score0.00396EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2001/12/31 5:0 a.m.16 views

CVE-2001-1484

Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol TFTP to modify firmware and configuration via a bounce attack from a system on the local area network LAN side, which is allowed to access TFTP without authentication...

7.5CVSS6.6AI score0.02364EPSS
Exploits0References3
Rows per page
Query Builder