90 matches found
CVE-2023-41918
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...
CVE-2024-28813
An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface...
CVE-2024-28813
An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface...
CVE-2024-28813
An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface...
PT-2024-22585 · Infinera · Infinera Hit 7300
Name of the Vulnerable Software and Affected Versions: Infinera hiT 7300 version 5.60.50 Description: An issue was discovered in the Infinera hiT 7300, where undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an...
CVE-2024-28813
The CVE-2024-28813 issue affects Infinera hiT 7300 running 5.60.50, where undocumented privileged functions in the @CT management application allow activation of remote SSH access to the appliance via an unexpected network interface. According to multiple sources (NVD/Red Hat/CVEs, CNNVD, and PT ...
PT-2024-5991 · Ibm · Ibm Security Directory Integrator +1
Name of the Vulnerable Software and Affected Versions: IBM Security Directory Integrator versions 7.2.0 IBM Security Verify Directory Integrator version 10.0.0 Description: The issue is related to the lack of authentication for certain functionality that requires a provable user identity or...
CVE-2023-41918
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...
CVE-2023-41918 Missing Authentication for Critical Function in Kiloview P1/P2 devices
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...
CVE-2023-41918
CVE-2023-41918 is linked to Kiloview P1/P2 devices. Multiple connected sources describe unauthenticated access to functionality inadequately constrained by ACLs, potentially enabling unauthenticated command execution, data manipulation, or access to privileged functions. Some documents allege bro...
Kiloview P1 and P2 Security Vulnerabilities
Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from Kiloview China. A security vulnerability exists in the Kiloview P1 and P2. An attacker could exploit the vulnerability to execute unauthenticated commands that could manipulate data,...
PT-2023-14904 · Sguda · Sguda U-Lock
Name of the Vulnerable Software and Affected Versions: SGUDA U-Lock central lock control service affected versions not specified Description: The issue is related to incorrect authorization in the lock management function of the SGUDA U-Lock central lock control service. A remote attacker with...
PT-2023-2939 · Aiven · Aiven-Extras
Name of the Vulnerable Software and Affected Versions: aiven-extras versions prior to 1.1.9 Description: The issue is related to a privilege escalation vulnerability in the aiven-extras PostgreSQL extension. It allows a low-privileged user to elevate to superuser inside PostgreSQL databases that...
Delta Electronics DIAEnergie 授权问题漏洞
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes and maximize...
Extensive permissions for owner
Lines of code Vulnerability details Impact & Proof Of Concepts / Implications Some privileged functions are often unavoidable in smart contracts. However, in these contracts, the privileges are unnecessarily very extensive and without checks on the smart contract side: 1. He can use ownerMint or...
Implementing Security Restrictions and Owner Access Controls on LPDA Smart Contract.
Lines of code Vulnerability details Vulnerability details Impact The new changes to the contract add an additional layer of security and restrict access to certain privileged functions. The buy function now requires that only the owner can purchase tokens, which prevents malicious actors from...
Siemens SICAM GridEdge Authentication Error Vulnerability (CNVD-2022-45216)
SICAM GridEdge enables IoT functionality in your existing IEC 61850 devices with just a few clicks.An authentication error vulnerability in Siemens SICAM GridEdge results from the fact that the affected software does not authenticate access to privileged functions, which can be exploited to creat...
CVE-2022-30230
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions...
CVE-2022-30229
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...
Design/Logic Flaw
A vulnerability has been identified in SICAM GridEdge Essential ARM All versions V2.6.6, SICAM GridEdge Essential Intel All versions V2.6.6, SICAM GridEdge Essential with GDS ARM All versions V2.6.6, SICAM GridEdge Essential with GDS Intel All versions V2.6.6. The affected software does not requi...