480 matches found
CVE-2024-2420 LenelS2 NetBox Hardcoded Credentials
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
LenelS2 NetBox
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : LenelS2 Equipment : NetBox Vulnerabilities : Use of Hard-coded Password, OS Command Injection, Argument Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
NetBox Security Vulnerability
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in LenelS2 NetBox 5.6.1 and earlier versions that stems from the presence of a remote code execution vulnerability...
NetBox Security Vulnerability
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in LenelS2 NetBox 5.6.1 and earlier versions, which stems from the use of hard-coded passwords, allowing an attacker t...
NetBox Security Vulnerability
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in LenelS2 NetBox 5.6.1 and earlier versions that stems from the presence of a remote code execution vulnerability...
PT-2024-3979
Name of the Vulnerable Software and Affected Versions LenelS2 NetBox versions prior to and including 5.6.1 Description The issue is related to an unauthenticated remote code execution RCE that allows an attacker to execute malicious commands with elevated permissions. It is associated with the...
PT-2024-3978
Name of the Vulnerable Software and Affected Versions LenelS2 NetBox versions prior to and including 5.6.1 Description The issue is related to an authenticated remote code execution RCE that allows an attacker to execute malicious commands. It is associated with the injection or modification of...
PT-2024-3980
Name of the Vulnerable Software and Affected Versions LenelS2 NetBox versions prior to and including 5.6.1 Description The issue is related to hardcoded credentials in the LenelS2 NetBox access control and event monitoring system. This allows an attacker to bypass authentication requirements. The...
Exploit for CVE-2024-23780
CVE-2024-23780 Exploit for Netbox This script exploits CVE-20...
PT-2024-20080 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: NetBox affected versions not specified Description: The issue affects NetBox's security landscape. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...
CVE-2024-0948
DISPUTED A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The atta...
CVE-2024-0948
DISPUTED A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The atta...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The attack may be...
CVE-2024-0948 NetBox Home Page Configuration config-revisions cross site scripting
DISPUTED A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The atta...
CVE-2024-0948 NetBox Home Page Configuration config-revisions cross site scripting
DISPUTED A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The atta...
CVE-2024-0948
NetBox is affected up to version 3.7.0 by a vulnerability in the /core/config-revisions handler that can lead to cross-site scripting when processing input such as test. Descriptions consistently indicate the issue is a XSS flaw resulting from unknown processing in the Home Page Configuration com...
PT-2024-15929 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: NetBox versions up to 3.7.0 Description: A problematic issue has been found in the processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input test leads to cross site scripting. The...
NetBox Cross-Site Scripting Vulnerability
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox 3.7.0 and earlier versions, which stems from /core/config-revisions in the component Home Page...
nautobot-bgp-models (>=0.7.0 <=1.0.0), nautobot-capacity-metrics (>=1.1.0 <=2.1.1) +26 more potentially affected by CVE-2023-50263 via nautobot (>=1.2.11 <=1.6.32)
nautobot PYPI version =1.2.11, =0.7.0, =1.1.0, =1.6.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =0.9.0, =1.1.0, =1.2.1 and more Source cves: CVE-2023-50263 Source advisory: OSV:PYSEC-2023-286...
CVE-2023-36234
Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...