15 matches found
EUVD-2016-5939
Malware in sbrugna...
EUVD-2021-12934
Malware in sbrugna...
EUVD-2021-19433
Malware in sbrugna...
EUVD-2021-19425
Malware in sbrugna...
EUVD-2021-12936
Malware in sbrugna...
CVE-2023-44251
UNSUPPORTED WHEN ASSIGNED A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via...
CVE-2022-33869
An improper neutralization of special elements used in an OS command vulnerability CWE-78 in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands...
CVE-2021-32585
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...
CVE-2021-32593
A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...
CVE-2021-26102
A relative path traversal vulnerability CWE-23 in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to...
CVE-2021-26102
A relative path traversal vulnerability CWE-23 in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to...
CVE-2021-26102
A relative path traversal vulnerability CWE-23 in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to...
CVE-2021-26115
An OS command injection CWE-78 vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection CWE-78 vulnerability in FortiWA...
CVE-2021-26115
An OS command injection CWE-78 vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection CWE-78 vulnerability in FortiWA...
CVE-2016-4967
Fortinet FortiWan formerly AscernLink before 4.2.5 allows remote authenticated users to obtain sensitive information from 1 a backup of the device configuration via script/cfgshow.php or 2 PCAP files via script/system/tcpdump.php...