123 matches found
Mitsubishi IU1 Session Fixation (CVE-2020-5543)
TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet. This plugin only works wit...
Mitsubishi Electric MELSEC iQ-R Null Pointer Dereference (CVE-2020-5655)
NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...
Palo Alto Networks PAN-OS Operating System Command Injection Vulnerability (CNVD-2021-61953)
PAN-OS is an operating system designed specifically for the security and control of Palo Alto Networks firewalls, with a rich set of firewall, management and network features. An OS command parameter injection vulnerability exists in the web interface of PAN-OS. An attacker could exploit this...
Xuperchain has an unspecified vulnerability
Xuperchain is an application. It provides a blockchain infrastructure to build compliant blockchain network functions. version 3.6.0 of Xuperchain contains a security vulnerability that could be exploited by an attacker to obtain partial signatures in order to recover the private key of an...
Huawei eCNS280_TD Resource Management Error Vulnerability
Huawei eCNS280TD is the core network equipment of Huawei's wireless broadband trunking system in China. Based on Network Functions Virtualization NFV and cloud-based architecture design, it provides network functions of traditional core networks, but also provides capacity configurations for each...
New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks
New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network. AdaptiveMobile shared its finding...
New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks
New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network. AdaptiveMobile shared its finding...
CVE-2020-5645
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...
CVE-2020-5647
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE...
CVE-2020-5644
Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...
CVE-2020-5645
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...
Buffer overflow
Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...
Improper access control
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE...
Null pointer dereference
NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE...
Design/Logic Flaw
Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE...
Session fixation
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...
CVE-2020-5649
Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE...
CVE-2020-5647
CVE-2020-5647 corresponds to an improper access control vulnerability in the TCP/IP function of Mitsubishi Electric GOT1000 GT14 Series firmware. Affected models (CoreOS 05.65.00.BD and earlier) include GT1455-QTBDE, GT1450-QMBDE, GT1450-QLBDE, GT1455HS-QTBDE, and GT1450HS-QMBDE. The issue allows...
CVE-2020-5647
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE...
CVE-2020-5646
NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE...