699 matches found
SUSE CVE-2023-51589
BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...
PT-2023-7106 · NetGear · Netgear Cax30
Name of the Vulnerable Software and Affected Versions: NETGEAR CAX30 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30 routers. The specific flaw exists within the sso binary, resulting fr...
PT-2023-9544 · Cisco · Cisco Small Business Rv042G +3
Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV042, RV042G, RV320, and RV325 Routers affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to execute...
CVE-2023-20196
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...
CVE-2023-20195
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...
PT-2023-7119 · Cisco · Cisco Ise
Name of the Vulnerable Software and Affected Versions: Cisco ISE affected versions not specified Description: The issue is related to improper validation of files uploaded to the web-based management interface, allowing an authenticated, remote attacker to upload arbitrary files to an affected...
ABUS TVIP Security Vulnerability
ABUS TVIP is a series of video surveillance cameras from the German company ABUS. A security vulnerability exists in ABUS TVIP that stems from the presence of path traversal, which allows an attacker to write to a file to arbitrarily execute code with root privileges...
CVE-2023-44959
An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page...
CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
PT-2023-28838 · Telstra · Telstra Smart Modem Gen 2
Name of the Vulnerable Software and Affected Versions: Telstra Smart Modem Gen 2 Arcadyan LH1000 versions prior to 0.18.15r Description: The issue allows unauthenticated attackers to upload firmware images and configuration backups, potentially leading to code execution as root. This could enable...
D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...
CVE-2023-41028
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...
PT-2023-26965 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...
PT-2023-26966 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists...
FreeBSD Security Vulnerabilities
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD versions 13.1 and 13.2, which stems from a buffer overflow vulnerability in the fwctl driver state machine. The vulnerability can be exploited to execute arbitrary code as root ...
PT-2023-7954 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. The specific flaw exists within the HTTP service...
PT-2023-8303 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The flaw exists within the prog.cgi binary, which...
CVE-2023-36750
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
CVE-2023-36754
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
Siemens RUGGEDCOM ROX 系列多款产品 命令注入漏洞
RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A command injection vulnerability exists in the Siemens RUGGEDCOM ROX, which stems from a lack of server-side input validation, making the uninstall-ap...