969 matches found
CVE-2024-28354
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-28353
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
PT-2024-20291 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version S WLD71-T1 v2.0.201820 Description: The issue concerns an unprotected primary channel on the Movistar 4G router, which has the 'adb' service open on port 5555. This provides access to a shell with root privileges,...
Siemens SCALANCE SC-600 Family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 One day for the polkit privilege escalation expl...
Exploit for OS Command Injection in Tp-Link Archer_Vr1600V_Firmware
Archer TP-Link VR1600V Router Local Remote Command Execution E...
Exploit for Path Traversal in Cisco Sd-Wan_Vbond_Orchestrator
CVE-2022-20818: Local Privilege Escalation via Partial File Re...
Siemens SCALANCE W700 Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2023-44373)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU, RUGGEDCOM RM1224 LTE4G NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL- Router Annex A, SCALANCE M812-1 ADSL-Router Annex B, SCALANCE M816-1 ADSL-Router Annex A, SCALANCE M816-1 ADSL-Router Annex B, SCALANCE M826-2 SHDSL-Router, SCALANC...
Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2023-86591)
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Siemens SCALANCE 注入漏洞
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...
CVE-2023-41255
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB Android Debug Bridge protocol exposed on...
Authentication flaw
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB Android Debug Bridge protocol exposed on...
CVE-2023-41255
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB Android Debug Bridge protocol exposed on...
CVE-2023-41255
CVE-2023-41255 affects the TPC-110W device (Bosch context appears in sources). The issue allows an unprivileged user with subnet access to obtain a root shell by abusing the lack of authentication of the su binary exposed via ADB (Android Debug Bridge). The connected documents provide this core t...
CVE-2023-41255
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB Android Debug Bridge protocol exposed on...