CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

Enterprise Distributed Technologies CompleteFTP Server 命令注入漏洞

Enterprise Distributed Technologies CompleteFTP Server is a Windows-based SFTP SHH File Transfer Protocol server from Enterprise Distributed Technologies, Australia. A security vulnerability exists in Enterprise Distributed Technologies CompleteFTP Server versions prior to 12.1.4 that stems from...

Victure WR1200信任管理问题漏洞

Victure WR1200 is a router. Victure WR1200 1.0.3 and prior versions are vulnerable to trust management issues, which can be exploited by attackers to gain control of the device via SSH...

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

Cohesity DataPlatform 信任管理问题漏洞

Cohesity DataPlatform is a suite of platforms from Cohesity for managing ancillary data and applications. The platform is primarily used for data backup, instant recovery, and more. A security vulnerability exists in Cohesity DataPlatform version 6.3 prior 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 throu...

SIEMENS ROX II elevation of privilege vulnerability (CNVD-2018-20533)

SIMATIC ROX II is a ROX-based VPN endpoint and firewall device for connecting devices that operate in harsh environments, such as power substations and traffic control cabinets. An elevation of privilege vulnerability exists in SIMATIC ROX II. An authenticated attacker with elevated user account...

PT-2018-3907 · Cisco · Cisco Fxos +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software versions prior to the fixed version Cisco NX-OS Software versions prior to the fixed version Description: A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an...

CVE-2018-0141

A vulnerability in Cisco Prime Collaboration Provisioning PCP Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by...

The vulnerability of the Altum router’s microprogramming software relates to the use of pre-installed user accounts, which allow attackers to gain access to the embedded operating system with administrator privileges.

The vulnerability of the Altum router microprogramming system is related to the use of a pre-installed root account. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to the embedded operating system with administrator privileges using SSH or Telnet connections...

The vulnerabilities of Azure cloud services include those related to BIG-IP Application Security Manager, a device for securing applications; BIG-IP Access Policy Manager, a device for controlling access and remote authentication; BIG-IP Link Controller, a device for balancing internet traffic; BIG-IP Policy Enforcement Manager, a device for controlling and managing network traffic; BIG-IP Local Traffic Manager, a device for balancing local traffic; BIG-IP DNS, a device for securing web services; BIG-IP WebSafe, a device for securing web services; BIG-IP Advanced Firewall Manager, a device for providing network firewalls; and BIG-IP Application Acceleration Manager, a device for accelerating application processing. These vulnerabilities allow attackers to gain access to the BIG-IP host.

The vulnerability in Azure’s application security protection services—BIG-IP Application Security Manager, BIG-IP Access Policy Manager for access control and remote authentication, BIG-IP Link Controller for Internet traffic balancing, BIG-IP Policy Enforcement Manager for network traffic contro...

CVE-2016-1561

ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorizedkeys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image...

CVE-2016-10307

Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public but the cleartext value is perhaps not yet public. This account is accessible via SSH and/or TELNET, and...

VulnCheck KEV: CVE-2004-1464

Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell RSH, Secure Shell SSH, and in some cases, Hypertext Transport Protocol HTTP access to the Cisco device...