29 matches found
CVE-2024-48861
CVE-2024-48861 describes an OS command injection affecting QuRouter. Affected versions are QuRouter prior to 2.4.4.106. The vulnerability allows a local network attacker to execute commands through the affected component, with a high impact on confidentiality, integrity, and availability per CVSS...
CVE-2024-48861 QHora
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later...
CVE-2024-48861 QHora
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later...
CVE-2024-50395 Media Streaming add-on
An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege. We have already fixed the vulnerability in the following version: Media Streaming add-on...
PT-2024-33249 · Qurouter · Qurouter
Name of the Vulnerable Software and Affected Versions: QuRouter versions prior to 2.4.4.106 Description: An OS command injection issue has been reported, potentially allowing local network attackers to execute commands if exploited. Recommendations: For QuRouter versions prior to 2.4.4.106, updat...
CVE-2024-6895
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
CVE-2024-6895
CVE-2024-6895 affects Yugabyte Platform: Insufficient authentication in user account management could allow a local-network attacker with a compromised session to change critical security settings (e.g., password, email) without re-authenticating, enabling account takeover. Exploitation details a...
CVE-2024-6895 Insecure Account Profile Management
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
Elecom elecom lan 安全漏洞
ELECOM lan is a router from ELECOM Japan. A security vulnerability exists in elecom lan routers that allows network-adjacent authenticated attackers to bypass access restrictions and access the product's management screens via unspecified vectors. The following products and versions are affected:...