120 matches found
CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform
Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 This repository contains an exploit script and...
Radius server test connectivity fails : Error: '1812/udp' is not a valid Radius authentication port.
Radius server test connectivity failure. Error: "Either 'ServerIP' is not a valid Radius server, '1812/udp' is not a valid Radius authentication port or Radius client is not configured properly in the Radius server."...
UBUNTU-CVE-2023-36671
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...
Clario VPN client security vulnerability
Clario VPN client is a VPN client for Mac from Clario. A security vulnerability exists in Clario VPN client macOS version 5.9.1.1662, which originates when the VPN client insecurely configures the operating system so that all IP traffic that gets to the VPN server's IP address is sent outside the...
PT-2023-4448 · Avira · Avira Phantom Vpn
Name of the Vulnerable Software and Affected Versions: Avira Phantom VPN versions through 2.23.1 Description: An issue was discovered in Avira Phantom VPN where the VPN client insecurely configures the operating system, sending all IP traffic to the VPN server's IP address in plaintext outside th...
CVE-2023-38921
Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgradehandler function via the firmwareRestore and firmwareServerip parameters...
NETGEAR WG302 Command Injection Vulnerability
NETGEAR WG302 is a wireless access point from NETGEAR. A security vulnerability exists in the NETGEAR WG302v2 version v5.2.9, WAG302v2 version v5.1.19, which stems from the firmwareRestore and firmwareServerip parameters in the upgradehandler function containing multiple command injection...
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017...
PT-2023-4237 · NetGear · Netgear Wag302V2
Name of the Vulnerable Software and Affected Versions: Netgear WG302v2 version 5.2.9 Netgear WAG302v2 version 5.1.19 Description: The issue is related to command injection vulnerabilities in the upgrade handler function. These vulnerabilities can be exploited via the firmwareRestore and...
D-Link DWL-2600AP Access Point Command Injection Vulnerability
D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...
K31152411: BIG-IP Analytics vulnerability CVE-2019-6655
Security Advisory Description BIG-IP platforms provisioned with AAM, AFM, Application Visibility and Reporting AVR, APM, ASM, and/or PEM may leak sensitive data. CVE-2019-6655 Impact BIG-IP AAM, AFM, AVR, APM, ASM, PEM The vulnerability is only present on BIG-IP systems provisioned with AAM, AFM,...
TOTOLINK T8 updateWifiInfo Method Command Injection Vulnerability
TOTOLINK T8 is a wireless dual-band router that is mainly used for internet connection and data transmission. TOTOLINK T8 suffers from a command injection vulnerability that stems from the serverIp parameter of the updateWifiInfo method failing to correctly filter constructed command special...
The vulnerability of the embedded software of the NETGEAR R7000P router, related to buffer overflow vulnerabilities, allows a hacker to execute arbitrary code.
The vulnerability of the embedded software of the NETGEAR R7000P router is related to buffer overflow errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through the openvpnserverip parameter...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
CVE-2022-44199
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpnserverip...
CVE-2022-44197
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...
NETGEAR R7000P 缓冲区错误漏洞
NETGEAR R7000P is a wireless router from NETGEAR, Inc. NETGEAR R7000P firmware version V1.3.1.64 is vulnerable to a buffer overflow vulnerability caused by a lack of length validation of the data entered in the openvpnserverip parameter, which could be exploited by an attacker to cause a denial o...
CVE-2022-44197
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...
Path traversal
Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure...