30 matches found

RedhatCVE
added 2026/02/17 1:27 p.m. | 6 views

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | AI score 5.7 | EPSS 0.00645
Exploits 0 | References 1
EUVD
added 2026/02/16 12:30 p.m. | 8 views

EUVD-2026-6101

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | AI score 5.7 | EPSS 0.00645
Exploits 0 | References 3
NVD
added 2026/02/16 10:16 a.m. | 5 views

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | EPSS 0.00645
Exploits 0 | References 2
OSV
added 2026/02/16 10:16 a.m. | 6 views

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | AI score 5.7
Exploits 0 | References 2
CVE
added 2026/02/16 9:51 a.m. | 22 views

CVE-2026-2577

The CVE concerns Nanobot’s WhatsApp bridge component, where the WebSocket server binds to all interfaces (0.0.0.0) on port 3001 by default and requires no authentication. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to hijack the WhatsAp...

CVSS 10 | AI score 5.7 | EPSS 0.00645
Exploits 0 | References 2
Vulnrichment
added 2026/02/16 9:51 a.m. | 3 views

CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | AI score 5.7 | EPSS 0.00645
Exploits 0 | References 2
Cvelist
added 2026/02/16 9:51 a.m. | 27 views

CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | EPSS 0.00645
Exploits 0 | References 2
ATTACKERKB
added 2026/02/16 9:51 a.m. | 3 views

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVSS 10 | AI score 5.7 | EPSS 0.00645
Exploits 0 | References 3
Positive Technologies
added 2026/02/16 12:0 a.m. | 7 views

PT-2026-8330

Name of the Vulnerable Software and Affected Versions Nanobot versions prior to v0.1.3.post7 Description The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An...

CVSS 10 | AI score 5.5 | EPSS 0.00645
Exploits 0 | References 14
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-6696

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.03609
Exploits 3 | References 2
RedhatCVE
added 2025/05/22 6:32 a.m. | 6 views

CVE-2017-14705

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

CVSS 9.8 | AI score 7.5 | EPSS 0.28243
Exploits 3 | References 1
CNNVD
added 2025/03/20 12:0 a.m. | 4 views

anything-llm access control error vulnerability

anything-llm is an all-in-one desktop and Docker AI application open-sourced by Mintplex. An access control error vulnerability exists in the desktop version of anything-llm v1.5.11. The vulnerability stems from the application defaulting to open server port 3001 on 0.0.0.0 with no authentication...

CVSS 9.8 | AI score 9.5 | EPSS 0.0078
Exploits 1 | References 2
BDU FSTEC
added 2024/05/31 12:0 a.m. | 5 views

The vulnerability of the Ghost content management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Ghost content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sending a specially created malicious SVG file containing JavaScript code to port...

CVSS 4 | AI score 7.7 | EPSS 0.03485
Exploits 1 | References 5 | Affected Software 1
Veracode
added 2024/02/13 8:9 a.m. | 19 views

Cross-site Scripting (XSS)

ghost is vulnerable to Cross-Site Scripting. The vulnerability is due to missing sanitization during svg image upload. An attacker can upload an SVG profile picture containing JavaScript code which interacts with the API on localhost TCP port 3001, allowing a contributor to potentially take over an...

CVSS 9 | AI score 6.8 | EPSS 0.03485
Exploits 1 | References 4 | Affected Software 1
OSV
added 2024/02/11 3:30 a.m. | 42 views

GHSA-99VC-XW8J-PHJM Ghost has possible Cross-site Scripting issue

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...

CVSS 6.5 | AI score 9.1 | EPSS 0.03485
Exploits 1 | References 5
NVD
added 2024/02/11 1:15 a.m. | 14 views

CVE-2024-23724

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...

CVSS 9 | AI score 6.6 | EPSS 0.03485
Exploits 1 | References 3
Prion
added 2024/02/11 1:15 a.m. | 29 views

Cross site scripting

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...

AI score 7.5 | EPSS 0.03485
Exploits 1 | References 3
Cvelist
added 2024/02/11 12:0 a.m. | 18 views

CVE-2024-23724

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...

AI score 6.9 | EPSS 0.03485
Exploits 1 | References 3
Vulnrichment
added 2024/02/11 12:0 a.m. | 13 views

CVE-2024-23724

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...

AI score 6.9 | EPSS 0.03485
Exploits 1 | References 3
Zero Day Initiative
added 2023/12/12 12:0 a.m. | 13 views

Extreme Networks HiveOS ah_auth Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Extreme Networks routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ahauth service, which listens on UDP port 3001. The issue results...

CVSS 8.8 | AI score 7.5 | EPSS 0.00385
Exploits 0 | References 1