17 matches found
EUVD-2022-29534
Malicious code in bioql PyPI...
EUVD-2022-29532
Malicious code in bioql PyPI...
EUVD-2022-29535
Malicious code in bioql PyPI...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24659
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device...
CVE-2022-24659
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device...
CVE-2022-24659
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
Hardcoded credentials
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
Path traversal
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device...
Information disclosure
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext...
CVE-2022-24660
CVE-2022-24660 affects Goldshell ASIC Miners (v2.2.1 and earlier). The root cause is a debug interface exposed publicly via the web interface, enabling attackers to access passwords and other sensitive information in plaintext. The CVE entry notes network attack potential with high impact to conf...
CVE-2022-24660
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext...
CVE-2022-24659
CVE-2022-24659 affects Goldshell ASIC Miners 2.2.1 and earlier. The issue is a path traversal vulnerability that allows unauthenticated attackers to retrieve arbitrary files from the device. The NVD entry documents a NETWORK attack vector with LOW attack complexity and no privileges or user inter...
CVE-2022-24657
CVE-2022-24657 affects Goldshell ASIC Miners v2.1.x, where hardcoded credentials enable remote SSH access (port 22). The root cause is the presence of embedded credentials in the device firmware, as documented across multiple sources in the connected set (NVD/Red Hat/CVE listings, CNNVD). Impact ...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
Goldshell ASIC Miners 安全漏洞
Goldshell ASIC Miners is a mining host from the Chinese company Goldshell. A security vulnerability exists in Goldshell ASIC Miners v2.2.1 and below, which stems from a debugging interface that was found to be publicly exposed on a web interface, allowing an attacker to access passwords and other...