16 matches found
EUVD-2020-17710
Malware in sbrugna...
EUVD-2020-17711
Malware in sbrugna...
CVE-2020-25010
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an...
CVE-2020-25011
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...
CVE-2020-25010
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an...
CVE-2020-25011
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...
CVE-2020-25011
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...
Design/Logic Flaw
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an...
Information disclosure
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...
CVE-2020-25011
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...
CVE-2020-25011
Kyland KPS2204 6-Port DIN-Rail Serial Device Servers (Software Version R0002.P05) are associated with CVE-2020-25011, describing a sensitive information disclosure where remote attackers can obtain usernames and passwords by calling /cgi-bin/webadminget.cgi via a browser. Available documents show...
CVE-2020-25010
CVE-2020-25010 affects Kyland KPS2204 6-Port Managed DIN-Rail Programmable Serial Device Servers, Software Version R0002.P05. It enables arbitrary code execution by remote attackers who send a crafted POST request and embed a payload in request parameters to instruct the server to write a file. T...
CVE-2020-25010
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an...
Kyland KPS2204 Code Issue Vulnerability
The Kyland KPS2204 is a programmable protocol converter developed for serial device networking applications by Kyland in Beijing, China. A security vulnerability exists in the Kyland KPS2204 6 Port Managed Din-Rail Programmable Device Servers Software Version:R0002.P05, which can be exploited by ...
Command Execution Vulnerability in KPS2204 at Beijing Eastland Technology Co.
The KPS2204 is a programmable protocol converter developed specifically for serial device networking applications. A command execution vulnerability exists in the KPS2204 of Beijing Eastland Technology Co. Ltd. that can be exploited by an attacker to execute arbitrary commands...
Command Execution Vulnerability in KPS2204-2T4D-L3-L3
The KPS2204-2T4D-L3-L3 is a protocol converter device that integrates Ethernet and serial data transmission. The KPS2204-2T4D-L3-L3 suffers from a command execution vulnerability that can be exploited by an attacker to gain root privileges on the device...