20 matches found
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 (PacsgearMediaServerEngine.dll) with ObjectURIs RemoteObj and UIRemoteObj and no authentication. An unauthenticated attacker can exploit MarshalByRefObject unmarshalling and implement .NET WebClient methods to read/write ...
CVE-2026-56413 OS Command Injection in StoneFly Storage Concentrator
Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...
CVE-2026-49195
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2026-49195
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
EUVD-2026-33261
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2026-49195
The CVE CVE-2026-49195 affects Predator Connect W6x devices, where the /sbin/mtk_dut binary is exposed on TCP port 9000 with no authentication. This unauthenticated debug service allows any LAN-based attacker to execute arbitrary UCC commands. The associated CVSS v4.0 metrics indicate high impact...
CVE-2025-35051
Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...
Linux Distros Unpatched Vulnerability : CVE-2023-47118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issu...
CVE-2023-23453
Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000...
CVE-2021-20108
Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on the network to send commands over port 9000. While these commands may not be executed due to...
ClickHouse Security Breach
ClickHouse is ClickHouse's fastest and most resource-efficient open source database for real-time applications and analytics. A security vulnerability exists in ClickHouse that originates from an attacker being able to send a specially crafted payload to the publicly available native interface on...
PT-2023-30912 · Unknown +1 · Gorilla Codec +2
Name of the Vulnerable Software and Affected Versions: ClickHouse versions 23.3.18.15, 23.8.8.20, 23.9.6.20, 23.10.5.20 ClickHouse Cloud version 23.9.2.47551 Description: A heap buffer overflow issue was discovered in the ClickHouse server, allowing an attacker to send a specially crafted payload...
CVE-2023-47118
A heap buffer overflow vulnerability affecting the native interface running by default on port 9000/tcp. An attacker, by triggering a bug in the T64 compression codec, can cause the ClickHouse server process to crash. This vulnerability can be exploited without the need to authenticate. Fix has...
CVE-2023-23452
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000...
SICK FX0-GPNT 访问控制错误漏洞
The SICK FX0-GPNT00000 is a safety control module from SICK with a built-in Ethernet switch. A security vulnerability exists in the SICK FX0-GPNT v3 Firmware version V3.04, V3.05, which stems from a lack of authentication for critical functions. The vulnerability can be exploited by an attacker t...
SICK FX0-GENT 访问控制错误漏洞
The SICK FX0-GENT is a safety system for AGVs and AMRs from SICK Germany. A security vulnerability exists in SICK FX0-GENT v3 Firmware version V3.04, V3.05, which stems from a lack of authentication for critical functions. An attacker can exploit this vulnerability to achieve arbitrary remote cod...
thorn-linux
This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...
Multiple Swann Product Injection Vulnerabilities
The Swann DVR04B and others are a digital video recorder from Swann USA. An injection vulnerability exists in the raysharpdvr application in several Swann products, which can be exploited by remote attackers to execute arbitrary code via TCP port 9000...
The vulnerability of the Zhuhai RaySharp video surveillance software allows a intruder to gain access to protected information.
The software of the video surveillance device Zhuhai RaySharp has a default root user password. Exploiting this vulnerability allows a malicious actor to gain access to protected information via the TCP port 23 or 9000...