Lucene search
K

183 matches found

NVD
NVD
added 2020/11/09 1:15 a.m.13 views

CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

6.8CVSS6.5AI score0.02175EPSS
Exploits1References3
OSV
OSV
added 2020/11/09 1:15 a.m.6 views

CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

6.5CVSS6.5AI score
Exploits0References3
Prion
Prion
added 2020/11/09 1:15 a.m.14 views

Design/Logic Flaw

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

6.8CVSS6.4AI score0.02175EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/11/09 12:54 a.m.72 views

CVE-2020-28349

CVE-2020-28349 affects ChirpStack Network Server 3.9.0. The issue is an inaccurate frame deduplication in internal/uplink/collect.go, allowing a malicious gateway to cause uplink DoS via malformed frequency attributes in CollectAndCallOnceCollect. Public sources (Red Hat, Veracode, CNVD, PT-Secur...

6.8CVSS6.4AI score0.02175EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/11/09 12:54 a.m.15 views

CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

6.5AI score0.02175EPSS
Exploits1References3
CNVD
CNVD
added 2020/11/09 12:0 a.m.1 views

ChirpStack Network Server Denial of Service Vulnerability

ChirpStack Network Server is an open source LoRaWAN service for individual developers. The software is used in the wireless connectivity aspect of the Internet of Things and is characterized by low power consumption, long range and high capacity. A security vulnerability exists in ChirpStack...

6.8CVSS6.7AI score0.02175EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/11/09 12:0 a.m.3 views

PT-2020-16991 · Chirpstack · Chirpstack Network Server

Name of the Vulnerable Software and Affected Versions: ChirpStack Network Server version 3.9.0 Description: The issue is related to an inaccurate frame deduplication process, allowing a malicious gateway to perform an uplink Denial of Service via malformed frequency attributes in the...

6.8CVSS6.6AI score0.02175EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2020/08/26 12:0 a.m.4 views

The vulnerability of the NPort IAW5000A-I/O Series web server software lies in the lack of protection for service data, which allows attackers to disclose the protected information.

The vulnerability of the NPort IAW5000A-I/O Series web server software is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

5.3CVSS5.4AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/08/10 12:0 a.m.2 views

Lindy 42633 Authentication Bypass Vulnerability

The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. An authentication bypass vulnerability exists in the Lindy 42633 2.078.000. An attacker on the same network can exploit this vulnerability to bypass authentication via a web management request that lacks a password parameter...

8.8CVSS7.2AI score0.00875EPSS
Exploits0References1
NVD
NVD
added 2020/08/07 10:15 p.m.12 views

CVE-2020-15061

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References1
NVD
NVD
added 2020/08/07 10:15 p.m.14 views

CVE-2020-15059

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.8CVSS8.9AI score0.00875EPSS
Exploits0References1
OSV
OSV
added 2020/08/07 10:15 p.m.2 views

CVE-2020-15059

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.8CVSS5.8AI score0.00875EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/08/07 10:15 p.m.1 views

CVE-2020-15059

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.8CVSS8.2AI score0.00875EPSS
Exploits0References3
NVD
NVD
added 2020/08/07 10:15 p.m.10 views

CVE-2020-15057

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References1
OSV
OSV
added 2020/08/07 10:15 p.m.2 views

CVE-2020-15057

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2020/08/07 10:15 p.m.2 views

CVE-2020-15056

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

4.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2020/08/07 10:15 p.m.15 views

CVE-2020-15056

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

4.3CVSS4.4AI score0.00343EPSS
Exploits0References1
OSV
OSV
added 2020/08/07 10:15 p.m.3 views

CVE-2020-15055

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.8CVSS7.3AI score0.00894EPSS
Exploits0References1
Prion
Prion
added 2020/08/07 10:15 p.m.16 views

Cross site scripting

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

2.3CVSS4.4AI score0.00343EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/07 10:15 p.m.12 views

Authentication flaw

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.3CVSS8.8AI score0.00894EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder