61 matches found
EUVD-2012-6247
Malware in sbrugna...
EUVD-2015-0607
Malware in sbrugna...
EUVD-2007-1637
Malware in sbrugna...
EUVD-2007-2200
Malware in sbrugna...
EUVD-2007-2193
Malware in sbrugna...
CVE-2013-5482
Cisco Prime LAN Management Solution LMS does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka Bug ID CSCug77823...
CVE-2012-6392
Cisco Prime LAN Management Solution LMS 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779...
Tenda AC500 安全漏洞
Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. Tenda AC500 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failin...
Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open
A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small offi...
Design/Logic Flaw
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for firewall lanmanage mac2...
Cisco Prime LAN Management Solution Session Fixation Vulnerability
According to its self-reported version, the Cisco Prime LAN Management Solution LMS is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. C Tenable Network Security, Inc. include"compat.inc"; if description...
Cisco Prime LAN Management Solution Session Fixation Vulnerability
Cisco Prime LAN Management Solution LMS is a LAN-based network management solution from Cisco. The solution can configure, manage, monitor and maintain the network. A session fixation vulnerability exists in the networking functionality in Cisco Prime LMS, which originates when a program reuses a...
Session fixation
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixation Vulnerability. The vulnerability is due to the reuse of a preauthentication session token as pa...
CVE-2017-12225
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixation Vulnerability. The vulnerability is due to the reuse of a preauthentication session token as pa...
CVE-2017-12225
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixation Vulnerability. The vulnerability is due to the reuse of a preauthentication session token as pa...
CVE-2017-12225
CVE-2017-12225 affects Cisco Prime LAN Management Solution (LMS) session handling. The issue arises from reusing a preauthentication session token in the postauthentication flow, allowing an authenticated remote attacker to hijack another user’s administrative session (Session Fixation). Affected...
Cisco Prime LAN Management Solution Session Fixation Vulnerability
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session. The vulnerability is due to the reuse of a preauthentication session token as part of the postauthentication session. ...
Cisco Prime LAN Management Solution Java Object Deserialization RCE (CSCux34647)
The Cisco Prime Lan Management Solution LMS running on the remote web server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by...
CVE-2016-1360
Cisco Prime LAN Management Solution LMS through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390...
Design/Logic Flaw
Cisco Prime LAN Management Solution LMS through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390...