Lucene search
+L

175 matches found

Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.11 views

PT-2022-19673 · Unknown · Lansweeper

Name of the Vulnerable Software and Affected Versions: Lansweeper version 10.1.1.0 Description: A directory traversal issue exists in the HelpdeskActions.aspx edittemplate functionality. This can be triggered by a specially-crafted HTTP request, potentially leading to arbitrary file upload. An...

9.9CVSS8.5AI score0.60199EPSS
Exploits1References3
NCSC
NCSC
added 2022/12/15 12:0 a.m.7 views

Vulnerabilities fixed in Lansweeper

Vulnerabilities have been fixed in Lansweeper. The vulnerabilities allow a malicious party to access sensitive data and to execute arbitrary code execute arbitrary code under administrator/root privileges. The vulnerabilities marked CVE-2022-32573 and CVE-2022-29517 are exploited by sending a rog...

9.9CVSS8AI score0.60199EPSS
Exploits5
Talos Blog
Talos Blog
added 2022/12/01 3:47 p.m.28 views

Vulnerability Spotlight: Lansweeper directory traversal and cross-site scripting vulnerabilities

Marcin Icewall Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several directory traversal and cross-site scripting vulnerabilities in Lansweeper. Lansweeper is an IT Asset Management solution that gathers hardware and software information of computers and...

0.1AI score0.60199EPSS
Exploits5
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.7 views

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of a path than there, a specially crafted...

9.9CVSS8.4AI score0.60199EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.10 views

Lansweeper 跨站脚本漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A security vulnerability exists in Lansweeper version 10.1.1.0. An attacker can exploit the vulnerability to inject arbitrary Javascript code...

9.1CVSS8AI score0.01125EPSS
Exploits1References3
Talos
Talos
added 2022/12/01 12:0 a.m.66 views

Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1528 Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-32573 SUMMARY A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A...

9.9CVSS9.1AI score0.0369EPSS
Exploits1
Talos
Talos
added 2022/12/01 12:0 a.m.44 views

Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1530 Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-29511 SUMMARY A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles...

9.1CVSS6.9AI score0.02483EPSS
Exploits1
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.8 views

Lansweeper 跨站脚本漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A security vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of stored cross-site scripting, where a special...

9.1CVSS7.5AI score0.0112EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.5 views

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper AssetActions. An attacker could exploit this vulnerability to upload arbitrary files via ...

9.9CVSS8.4AI score0.0369EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.5 views

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of a path than there, a specially crafted...

9.1CVSS7.8AI score0.02483EPSS
Exploits1References3
Talos
Talos
added 2022/12/01 12:0 a.m.33 views

Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1531 Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-27498 SUMMARY A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment...

9.1CVSS6.9AI score0.38338EPSS
Exploits0
Talos
Talos
added 2022/12/01 12:0 a.m.46 views

Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1529 Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-29517 SUMMARY A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper...

9.9CVSS9.2AI score0.60199EPSS
Exploits1
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.4 views

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of directory traversal, where a specially...

9.1CVSS7.8AI score0.38338EPSS
Exploits0References4
Talos
Talos
added 2022/12/01 12:0 a.m.57 views

Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1541 Lansweeper lansweeper SanitizeHtml cross-site scripting XSS vulnerability December 1, 2022 CVE Number CVE-2022-32763 SUMMARY A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper...

9.1CVSS6.7AI score0.01125EPSS
Exploits1
Talos
Talos
added 2022/12/01 12:0 a.m.48 views

Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability

Talos Vulnerability Report TALOS-2022-1532 Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability December 1, 2022 CVE Number CVE-2022-28703 SUMMARY A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages...

9.1CVSS5.9AI score0.0112EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2022/11/09 12:0 a.m.15 views

Lansweeper SQL Injection (CVE-2022-21210)

An SQL injection vulnerability exists in Lansweeper. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

6.5CVSS5.1AI score0.71227EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2022/11/09 12:0 a.m.25 views

Lansweeper SQL Injection (CVE-2022-21234)

An SQL injection vulnerability exists in Lansweeper. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

6.5CVSS5.1AI score0.72601EPSS
Exploits1
CNVD
CNVD
added 2022/04/25 12:0 a.m.19 views

Lansweeper Cross-Site Scripting Vulnerability

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery, network settings scanning, etc. A cross-site scripting vulnerability exists in Lansweeper 9.1.20.2, which stems from a failure to adequately clean user-supplied data in...

3.5CVSS0.8AI score0.77778EPSS
Exploits1Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/04/20 12:0 a.m.5 views

Lansweeper WebUserActions Cross-Site Scripting (CVE-2022-21145)

A stored cross-site scripting vulnerability exists in Lansweeper. The vulnerability is due to insufficient sanitization of the loginmessage and loginfootertext parameters...

3.5CVSS1.9AI score0.77778EPSS
Exploits1
OSV
OSV
added 2022/04/14 8:15 p.m.5 views

CVE-2022-22149

A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS5.9AI score0.72601EPSS
Exploits1References2
Rows per page
Query Builder