1019 matches found
CVE-2025-58066 DoS Vulnerability in ntpd-rs
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
GHSA-4855-Q42W-5VR4 DoS Vulnerability in ntpd-rs
Summary A denial of service vulnerability was discovered in ntpd-rs where an attacker can induce a message storm between two NTP servers running ntpd-rs. Details Since ntpd-rs version 1.2.0, when configured as a server, incorrectly responded to all NTP messages sent to the server's port with a ti...
ntpd-rs 安全漏洞
ntpd-rs is a Project Pendulum open source tool for synchronizing computer clocks with the NTP and NTS protocols. A security vulnerability exists in ntpd-rs versions 1.2.0 through 1.6.1, which stems from allowing non-NTS traffic and could lead to a denial of service attack...
PT-2025-35316
Name of the Vulnerable Software and Affected Versions ntpd-rs versions 1.2.0 through 1.6.1 Description ntpd-rs, a tool for synchronizing a computer's clock implementing the NTP and NTS protocols, contains a denial of service issue. When configured as a server, the software incorrectly responds to...
PT-2025-35134
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A flaw exists in the ntp timezone function within the /usr/bin/webmgnt file. Manipulation of the timestr argument can lead to command injection, potentially allowing for remote attacks. The exploit for...
CVE-2025-20348
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...
CVE-2025-20347
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...
CVE-2025-20347
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...
PT-2025-34898 · Cisco · Cisco Nexus Dashboard +1
Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: A vulnerability exists in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC. Th...
Linux Distros Unpatched Vulnerability : CVE-2020-13817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transm...
Linux Distros Unpatched Vulnerability : CVE-2016-2517
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service prevent subsequent authentication by leveraging knowledge of the...
CVE-2025-55603
Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter...
PT-2025-34439 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version V16.03.12.10 CN Description: The Tenda AX3 Router is susceptible to a buffer overflow condition in the fromSetSysTime function through manipulation of the ntpServer parameter. Recommendations: At the moment, there is no...
CVE-2025-55499
Tenda AC6 V15.03.06.23multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function...
The vulnerability of the System Time module in the D-LINK DIR-818LW router’s software management web interface allows a hacker to execute arbitrary commands.
The vulnerability of the System Time module in the D-LINK DIR-818LW router’s software management web interface is related to the lack of measures taken to neutralize special elements during the processing of the NTP Server parameter. Exploiting this vulnerability allows a remote attacker to execu...
D-Link DIR-818LW Command Injection Vulnerability
The D-Link DIR-818LW is a dual-band Gigabit cloud router that supports wireless standards such as IEEE 802.11ac and IEEE 802.11n, with a wireless transfer rate of up to 433Mbps, and also provides one USB 2.0 port and four Gigabit wired ports. The D-Link DIR-818LW suffers from a command injection...
CVE-2025-34132
A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...
CVE-2025-34129
A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...
CVE-2023-3036
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
📄 ABB Cylon Aspect 3.08.03 Time Manipulation
ABB Cylon Aspect MIX's NTPServlet allows NTP config changes via the Host: 127.0.0.1 bypass, writing attacker-controlled hosts to NTPTickers and syncing the system clock. A malicious NTP server can manipulate time, enabling DoS or time-based attacks. Version 3.08.03 is affected. ABB Cylon Aspect...