CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access...

5CVSS6.5AI score0.00306EPSS

Exploits0References1

Exploit DB•added 2024/02/02 12:0 a.m.•318 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass

Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...

7.4AI score

Exploits0

Exploit DB•added 2024/02/02 12:0 a.m.•368 views

Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution

Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...

7.4AI score

Exploits0

Exploit DB•added 2024/02/02 12:0 a.m.•296 views

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure

Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...

7.4AI score

Exploits0

0day.today•added 2023/10/02 12:0 a.m.•313 views

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) Credential Disclosure Vulnerability

Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in controlloLogin.js that can allow security bypass and system access. Electrolink FM/DAB/TV Transmitter controlloLogin.js Credentials Disclosure Vendor: Electrolink s.r.l. Product web page:...

7.4AI score

Exploits0

Packet Storm•added 2023/10/02 12:0 a.m.•322 views

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) Credential Disclosure

7.1AI score

Exploits0

0day.today•added 2023/10/02 12:0 a.m.•281 views

Electrolink FM/DAB/TV Transmitter Remote Authentication Removal Exploit

Electrolink FM/DAB/TV Transmitter suffers from an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. It is also vulnerable to account takeover and arbitrary password change. !/usr/bin/env python Electrolink FM/DAB/T...

7.7AI score

Exploits0

0day.today•added 2023/10/02 12:0 a.m.•266 views

Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vulnerability

Electrolink FM/DAB/TV Transmitter suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator. Electrolink FM/DAB/TV Transmitter Vertica...

7.4AI score

Exploits0

Packet Storm•added 2023/10/02 12:0 a.m.•296 views

Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation

Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W, 1kW...

7.1AI score

Exploits0

Packet Storm•added 2023/10/02 12:0 a.m.•257 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass

7.1AI score

Exploits0

0day.today•added 2023/10/02 12:0 a.m.•285 views

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) Credential Disclosure Vulnerability

The Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in login.htm and mail.htm that can allow security bypass and system access. Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page:...

7.4AI score

Exploits0

0day.today•added 2023/10/02 12:0 a.m.•290 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass Vulnerability

Electrolink FM/DAB/TV Transmitter suffers from an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except NO to the Login Cookie and have full system access. Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor:...

7.7AI score

Exploits0

Zero Science Lab•added 2023/09/30 12:0 a.m.•287 views

Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation

Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...

8.8CVSS5.7AI score0.00142EPSS

Exploits1

Zero Science Lab•added 2023/09/30 12:0 a.m.•301 views

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality

8.7CVSS5.7AI score0.00039EPSS

Exploits1

F5 Networks•added 2023/02/21 6:11 p.m.•46 views

K15904: Multiple third-party application-server vulnerabilities

Security Advisory Description CVE-2003-1418 Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode number, or 2 multipart MIME boundary, which reveals child proccess IDs PID. CVE-2004-2320 The...

8.1CVSS7.3AI score0.66511EPSS

Exploits3Affected Software17

RedhatCVE•added 2015/10/30 9:28 a.m.•30 views

CVE-2007-3008

Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing XST attacks, a related issue to CVE-2004-2320 and CVE-2005-3398...

5.8CVSS7.1AI score0.39542EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by