
2249 matches found

OSV
added 2024/11/12 7:15 p.m. · 8 views

CVE-2024-7516

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

CVSS 7.1 · AI score 7.3 · EPSS 0.00243
Exploits 1 · References 1
CNNVD
added 2024/11/11 12:00 a.m. · 2 views

D-Link DSL6740C operating system command injection vulnerability

The D-Link DSL6740C is a wireless VDSL router from China-based AUO D-Link. The D-Link DSL6740C suffers from an operating system command injection vulnerability, which can be exploited by a remote attacker with administrator privileges to inject and execute arbitrary system commands via specific...

CVSS 7.2 · AI score 8.1 · EPSS 0.01325
Exploits 0 · References 1
CNNVD
added 2024/11/11 12:00 a.m. · 2 views

D-Link DSL6740C operating system command injection vulnerability

The D-Link DSL6740C is a wireless VDSL router from China's AUO D-Link. The D-Link DSL6740C suffers from an operating system command injection vulnerability, which can be exploited by a remote attacker with administrator privileges to inject and execute arbitrary system commands via specific...

CVSS 7.2 · AI score 8.1 · EPSS 0.01325
Exploits 0 · References 1
Positive Technologies
added 2024/11/11 12:00 a.m. · 4 views

PT-2024-8170 · D Link · D-Link Dsl6740C

Name of the Vulnerable Software and Affected Versions: D-Link DSL6740C (affected versions not specified). Description: The D-Link DSL6740C modem has an OS Command Injection issue, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specif...

CVSS 9 · AI score 8.2 · EPSS 0.01325
Exploits 0 · References 18
Positive Technologies
added 2024/11/11 12:00 a.m. · 3 views

PT-2024-8176 · D Link · D-Link Dsl6740C

Name of the Vulnerable Software and Affected Versions: D-Link DSL6740C modem (affected versions not specified). Description: The D-Link DSL6740C modem has an OS Command Injection issue, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a...

CVSS 9 · AI score 8.2 · EPSS 0.01325
Exploits 0 · References 17
CNNVD
added 2024/11/11 12:00 a.m. · 3 views

D-Link DSL6740C security vulnerability

The D-Link DSL6740C is a wireless VDSL router from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL6740C, which can be exploited by an attacker to modify arbitrary user passwords and later log in to Web, SSH, and Telnet services via certain APIs...

CVSS 9.8 · AI score 6.9 · EPSS 0.01174
Exploits 0 · References 1
CNNVD
added 2024/11/11 12:00 a.m. · 3 views

D-Link DSL6740C operating system command injection vulnerability

The D-Link DSL6740C is a wireless VDSL router from China-based AUO D-Link. The D-Link DSL6740C suffers from an operating system command injection vulnerability, which can be exploited by a remote attacker with administrator privileges to inject and execute arbitrary system commands via specific...

CVSS 7.2 · AI score 8.1 · EPSS 0.01325
Exploits 0 · References 1
BDU FSTEC
added 2024/10/31 12:00 a.m. · 3 views

The vulnerability of the SSH server of Cisco Adaptive Security Appliance’s microprogrammed network interface devices allows an attacker to cause a service failure.

The vulnerability of the SSH server of the microprogrammed network interface devices in Cisco Adaptive Security Appliances (ASA) is related to uncontrolled resource consumption. This vulnerability could allow a malicious actor to cause service interruptions remotely...

CVSS 5.3 · AI score 5.4 · EPSS 0.00469
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2024/10/24 12:00 a.m. · 4 views

Tuoshi NR500-EA security vulnerability

Tuoshi NR500-EA is a wireless router from Tuoshi, China. A security vulnerability exists in Tuoshi NR500-EA version 3.2.2543.12.18, which stems from a privilege modification vulnerability that allows an attacker to access the SSH protocol without authentication...

CVSS 6.5 · AI score 6.8 · EPSS 0.00253
Exploits 0 · References 1
Positive Technologies
added 2024/10/24 12:00 a.m. · 5 views

PT-2024-33113 · Shenzhen Tuoshi Network Communications Co. · Nr500-Ea

Name of the Vulnerable Software and Affected Versions: Shenzhen Tuoshi Network Communications Co., Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLIC version 3.2.2543.12.18. Description: The issue is related to incorrect access control, allowing attackers to access the SSH protocol without authenticatio...

CVSS 6.5 · AI score 7.2 · EPSS 0.00253
Exploits 0 · References 3
OSV
added 2024/10/23 6:15 p.m. · 3 views

CVE-2024-20526

A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. A...

CVSS 5.3 · AI score 5.8 · EPSS 0.00469
Exploits 0 · References 1
OSV
added 2024/10/23 5:15 p.m. · 1 views

CVE-2024-20329

A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVSS 9.9 · AI score 6.1
Exploits 0 · References 3
BDU FSTEC
added 2024/10/18 12:00 a.m. · 2 views

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software relates to the use of hard-coded credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine via an SSH connection and elevate their privileges to root level...

CVSS 6.5 · AI score 7.2 · EPSS 0.01641
Exploits 0 · References 4 · Affected Software 1
BDU FSTEC
added 2024/10/17 12:00 a.m. · 3 views

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software relates to the use of hard-coded credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine via an SSH connection and elevate their privileges to root level...

CVSS 10 · AI score 7.3 · EPSS 0.02223
Exploits 0 · References 4 · Affected Software 1
CNNVD
added 2024/10/16 12:00 a.m. · 2 views

SUSE Manager security vulnerability

SUSE Manager is a Linux server management system from SUSE Germany. The system provides automated software management, system configuration, and monitoring. A security vulnerability exists in SUSE Manager that stems from insecure handling of SSH keys used to boot clients, allowing a local attacke...

CVSS 6.4 · AI score 6.2 · EPSS 0.00147
Exploits 0 · References 2
BDU FSTEC
added 2024/10/09 12:00 a.m. · 4 views

The vulnerability of the ObscureKeystrokeTiming() function in the SSH client of the OpenSSH cryptographic security tool allows an intruder to gain unauthorized access to protected information.

The vulnerability of the ObscureKeystrokeTiming function in the SSH client of the OpenSSH cryptographic security tool is related to synchronization errors when using a shared resource (race condition). Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized...

CVSS 7.6 · AI score 6.1 · EPSS 0.01479
Exploits 0 · References 19 · Affected Software 4
OSV
added 2024/10/02 3:58 a.m. · 2 views

USN-7051-1 python-asyncssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

CVSS 5.9 · AI score 6.8 · EPSS 0.93305
Exploits 4 · References 2
BDU FSTEC
added 2024/10/02 12:00 a.m. · 2 views

The vulnerability of the microprogramming software of the Infinera hiT 7300 platform, which is related to the use of rigidly encrypted account data, allows attackers to enhance their privileges.

The vulnerability of the microprogramming software used in the Infinera hiT 7300 optical communication platform is related to the use of rigidly encrypted account data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to enhance their privileges by gaining access t...

CVSS 8.8 · AI score 5.5 · EPSS 0.003
Exploits 0 · References 2 · Affected Software 1
OSV
added 2024/09/30 7:15 p.m. · 3 views

CVE-2024-28813

An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface...

CVSS 8.4 · AI score 5.8 · EPSS 0.0023
Exploits 0 · References 1
CNNVD
added 2024/09/30 12:00 a.m. · 4 views

Infinera hiT 7300 security vulnerability

The Infinera hiT 7300 is a software-defined networking (SDN)-ready coherent packet-optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50 that stems from a hidden SSH service with hard-coded credentials that allows an attacker to access...

CVSS 8.8 · AI score 6.7 · EPSS 0.003
Exploits 0 · References 2