8 matches found
PT-2025-34731
Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A buffer overflow issue exists in the formeditUserName function within the /goform/editUserName file. Manipulation of the new account argument can trigger the flaw, allowing for remote exploitation...
CVE-2022-45508
Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the newaccount parameter at /goform/editUserName...
CVE-2022-45507
Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName...
CVE-2021-44154
An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/editopt, which will then be triggered when running the diagnostics via /goform/diagnosticsdoit, resulting in a buffer overflow...
Reprise License Manager license editor cross-site scripting vulnerability
Reprise License Manager RLM is a set of license management software from Reprise, Inc. license editor is one of the certificate editors. A cross-site scripting vulnerability exists in the 'lf' parameter of the /goform/editlfgetdata URL of the license editor in Reprise RLM 12.2BL2 and earlier...
Reprise License Manager Arbitrary File Read Vulnerability
Reprise License Manager RLM is a suite of license management software from Reprise, Inc. An arbitrary file read vulnerability exists in Reprise RLM 12.2BL2 and earlier versions, which stems from the fact that by default, the web interface on port 5054 does not require authentication. The...
CVE-2018-15574
An issue was discovered in the license editor in Reprise License Manager RLM through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/editlfgetdata lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."...
PT-2018-13098 · Reprise · Reprise License Manager
Name of the Vulnerable Software and Affected Versions: Reprise License Manager versions through 12.2BL2 Description: An issue was discovered in the Reprise License Manager, where attackers can use the web interface to read and write data to any file on disk, as long as rlm.exe has access to it, v...