51 matches found
Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)
A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...
Spoofing Attack
lemonldap is vulnerable to spoofing attack. The vulnerability exists in the underlying tcp/ip stack where an attacker with network access to the LAN interface of an affected device could hijack and ingoing connection or spoof a new one...
CVE-2022-26413
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30ABFX.5C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface...
Command injection
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30ABFX.5C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface...
CVE-2022-26413
The CVE-2022-26413 issue affects Zyxel VMG3312-T20A devices, where a command injection in the CGI program (firmware 5.30(ABFX.5)C0) could allow a local authenticated attacker to run arbitrary OS commands via the LAN interface. Red Hat's advisory confirms the same vulnerability, reinforcing that a...
CVE-2022-26413
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30ABFX.5C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface...
CVE-2021-4029
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface...
CVE-2021-4029
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface...
Command injection
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface...
CVE-2021-4029
CVE-2021-4029 concerns Zyxel ARMOR Z1/Z2 firmware where the CGI program is vulnerable to command injection over the LAN interface. The available documents identify the affected component as the CGI entry point within the Zyxel firmware and state that an attacker could execute arbitrary OS command...
CVE-2021-4029
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface...
Information disclosure
A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...
Siemens LOGO! CMR and SIMATIC RTU 3000 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: LOGO! CMR, SIMATIC RTU 3000 Vulnerability: Use of Insufficiently Random Values 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-257-13 Siemens LOGO! CMR...
DASAN H660RM Information Disclosure / Hardcoded Key Vulnerability
DASAN H660RM allows for unauthenticated ping access, has a hardcoded key for encryption, and logs sensitive information into /tmp. DASAN H660RM Information Disclosure / Hardcoded Key CVE-2019-9974: diagtool.cgi on DASAN H660RM devices with firmware 1.03-0022 allows spawning ping processes without...
CVE-2017-9466
The executable httpd on the TP-Link WR841N V8 router before TL-WR841NUNV8170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuratio...
TP-LINK TDDP Buffer Overflow / Missing Authentication
Advisory Information Title: TP-LINK TDDP Multiple Vulnerabilities Advisory ID: CORE-2016-0007 Advisory URL: http://www.coresecurity.com/advisories/tp-link-tddp-multiple-vulnerabilities Date published: 2016-11-21 Date of last update: 2016-11-18 Vendors contacted: TP-Link Release mode: User...
D-Link DIR-Series Routers - HNAP Login Stack Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...
Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...
Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow
Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This...
CVE-2016-6159
The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...