Lucene search
K

105 matches found

Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.5 views

PT-2024-14349 · Tenda · Tenda Ax1803

Name of the Vulnerable Software and Affected Versions: Tenda AX1803 version 1.0.0.1 Description: The issue is related to a stack overflow that can occur via the iptv.stb.port parameter in the setIptvInfo function. Recommendations: For Tenda AX1803 version 1.0.0.1, avoid using the iptv.stb.port...

9.8CVSS9.3AI score0.00701EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/10/03 9:15 p.m.5 views

CVE-2023-33268

An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection blind...

9.8CVSS7.3AI score0.01241EPSS
Exploits1References2
OSV
OSV
added 2023/10/03 9:15 p.m.6 views

CVE-2023-33268

An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection blind...

9.8CVSS5.8AI score0.01241EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/10/03 12:0 a.m.6 views

PT-2023-24252 · Unknown · Dts Monitoring

Name of the Vulnerable Software and Affected Versions: DTS Monitoring version 3.57.0 Description: An issue was discovered in the SSL Certificate check function where the port parameter is vulnerable to OS command injection, specifically blind command injection. Recommendations: For DTS Monitoring...

9.8CVSS9.8AI score0.01241EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.5 views

DTS Monitoring Operating System Command Injection Vulnerability

DTS Monitoring is an information system monitoring platform from DTS Corporation. An operating system command injection vulnerability exists in DTS Monitoring version 3.57.0, which originates from the port parameter in the SSL certificate checking function being susceptible to operating system...

9.8CVSS7.4AI score0.01241EPSS
Exploits1References2
Prion
Prion
added 2023/09/22 11:15 p.m.21 views

Command injection

D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTEPORT parameters...

7.5CVSS9.7AI score0.02403EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/11/25 8:15 p.m.4 views

CVE-2022-44843

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...

9.8CVSS5.8AI score0.01958EPSS
Exploits1References1
NVD
NVD
added 2022/11/25 8:15 p.m.26 views

CVE-2022-44843

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...

9.8CVSS0.01958EPSS
Exploits1References1
Prion
Prion
added 2022/11/25 8:15 p.m.18 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...

7.5CVSS9.8AI score0.01958EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/25 12:0 a.m.5 views

PT-2022-27322 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 B20191024 Description: A command injection issue was found via the port parameter in the setting/setOpenVpnClientCfg function. This allows for potential command injection attacks. Recommendations: For...

9.8CVSS9.6AI score0.01958EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.9 views

CVE-2022-44843

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...

9.8AI score0.01958EPSS
Exploits1References1
CVE
CVE
added 2022/11/25 12:0 a.m.64 views

CVE-2022-44843

The CVE-2022-44843 entry applies to TOTOLINK A7100RU devices (firmware around V7.4cu.2313_B20191024). The vulnerability is a command injection in the OpenVPN client configuration routine, exploitable via the port parameter in the setting/setOpenVpnClientCfg function. CVSS 3.1 base score 9.8 (Impa...

9.8CVSS9.7AI score0.01958EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/07/12 2:15 p.m.3 views

CVE-2021-36668

URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App...

7.8CVSS5.9AI score0.00572EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.4 views

Druva 注入漏洞

Druva is a large-scale SaaS platform from US-based Druva, Inc. bringing the simplicity, scalability and security of the public cloud to enterprise data protection and management. A security vulnerability exists in Druva version 6.9.0 that stems from a URL injection vulnerability in the inSync...

7.8CVSS7.8AI score0.00572EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/03/28 11:15 p.m.1 views

CVE-2022-26641

TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...

7.2CVSS7.3AI score0.01234EPSS
Exploits1References2
NVD
NVD
added 2021/08/10 8:15 p.m.25 views

CVE-2021-37389

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...

6.1CVSS0.01025EPSS
Exploits1References2
OSV
OSV
added 2021/08/10 8:15 p.m.14 views

CVE-2021-37389

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...

6.1CVSS5.6AI score
Exploits0References2
Prion
Prion
added 2021/08/10 8:15 p.m.12 views

Design/Logic Flaw

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...

4.3CVSS5.9AI score0.01025EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/10 8:15 p.m.2 views

CVE-2021-37389

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...

6.1CVSS6.4AI score0.01025EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/08/10 7:2 p.m.31 views

CVE-2021-37389

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...

6.8AI score0.01025EPSS
Exploits1References2
Rows per page
Query Builder