19 matches found
Rocket TRUfusion Enterprise 安全漏洞
Rocket TRUfusion Enterprise is a product lifecycle management platform from Rocket USA. A security vulnerability exists in Rocket TRUfusion Enterprise version 7.10.4.0 and prior versions, which originates from exposing an internal management endpoint to an unauthenticated user, potentially leadin...
CVE-2025-34069
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34069
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
Buffer overflow
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...
PT-2023-25324 · Extreme Networks · Iq Engine
Name of the Vulnerable Software and Affected Versions: Extreme Network AP devices IQ Engine versions prior to 10.6r1 Description: The issue is related to a Buffer Overflow in the implementation of the CAPWAP protocol. This may be exploited to obtain elevated privileges and conduct remote code...
CVE-2021-20990
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal management service is accessible on port 8000 and some API endpoints could be accessed without authentication to trigger a shutdown, a reboot or a reboot into recovery mode...
PT-2021-14319 · Fibaro · Fibaro Home Center Lite +1
Name of the Vulnerable Software and Affected Versions: Fibaro Home Center 2 and Lite versions 4.600 and older Description: The issue concerns an internal management service accessible on port 8000, where certain API endpoints can be accessed without authentication. This allows unauthorized action...
FIBARO Home Center 2 访问控制错误漏洞
FIBARO Home Center 2 is an application system of the Polish company FIBARO. A system integration system. A security vulnerability exists in Fibaro Home Center 2 that allows can access internal management services on port 8000, can access some API endpoints without authentication, which triggers a...
FiberHome HG6245D devices default configuration issue vulnerability
FiberHome HG6245D devices is a router from FiberHome, China. It provides network connectivity. A default configuration issue vulnerability exists in the FiberHome HG6245D devices, which can be exploited by an attacker to gain access to the internal management interface...
CVE-2021-27170
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet...
CVE-2021-27170
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet...
Default credentials
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet...
FiberHome HG6245D devices 默认配置问题漏洞
FiberHome HG6245D devices is a router from FiberHome, China. It provides network connectivity. A default configuration issue vulnerability exists in the FiberHome HG6245D devices, which can be exploited by an attacker to gain access to the internal management interface...
SQL Injection Vulnerability in Jinwei Smart Restaurant System (CNVD-2020-22749)
Jinwei Intelligent Restaurant System is an internal management system for all major and small restaurants. Jinwei Intelligent Restaurant System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Jinwei Smart Restaurant System (CNVD-2020-22748)
Jinwei Intelligent Restaurant System is an internal management system for all major and small restaurants. Jinwei Intelligent Restaurant System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Jinwei Smart Restaurant System (CNVD-2020-22747)
Jinwei Intelligent Restaurant System is an internal management system for all major and small restaurants. Jinwei Intelligent Restaurant System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Jinwei Smart Restaurant System (CNVD-2020-22266)
Jinwei Intelligent Restaurant System is an internal management system for all major and small restaurants. Jinwei Intelligent Restaurant System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Jinwei Smart Restaurant System (CNVD-2020-22746)
Jinwei Intelligent Restaurant System is an internal management system for all major and small restaurants. Jinwei Intelligent Restaurant System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
WebLogic Internal Management Servlet Authentication Bypass
Binary data 1455.prm...