PT-2022-7448 · Net Snmp +8 · Net-Snmp +8

Name of the Vulnerable Software and Affected Versions: net-snmp versions prior to 5.9.2 Description: The issue is related to a NULL pointer dereference in the NET-SNMP-AGENT-MIB::nsLogTable function. A user with read-write credentials can use a malformed OID in a SET request to cause this issue. ...

CVE-2020-8772

The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwpmmbsetrequest in init.php. Any attacker who knows the username of an administrator can log in...

PT-2020-20264

Name of the Vulnerable Software and Affected Versions: InfiniteWP Client plugin versions prior to 1.9.4.5 Description: The InfiniteWP Client plugin for WordPress has a missing authorization check in the iwp mmb set request function within the init.php file. An attacker who knows an administrator'...

Rockwell Automation/Allen-Bradley MicroLogix 1400 Series B FRN < 21.2 Multiple Vulnerabilities (ICSA-18-095-01)

Binary data 720102.prm...

UBUNTU-CVE-2017-9951

The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...

Hyper-V - &#039;vmswitch.sys&#039; VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=688 This function is reachable by sending a RNDIS Set request with OID 0x01010209 OID8023MULTICASTLIST from the Guest to the Host. This function potentially allocates a buffer based on the addresses sent. The number of entries is...

microtik-poc.txt

/ -------------------------------------------------------------------------- c ShadOS 2008 | || || | | |/ / | || | | / - | | ' SNMP Service General Information Summary ... RouterOS supports only Get, which means that you can use this implementation only for network monitoring. The MikroTik Router...

MikroTik RouterOS 3.13 - SNMP write (Set request)

/ -------------------------------------------------------------------------- c ShadOS 2008 | || || | | |/ / | || | | / - | | ' SNMP Service General Information Summary ... RouterOS supports only Get, which means that you can use this implementation only for network monitoring. The MikroTik Router...

Cross site request forgery (csrf)

SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service daemon crash via a crafted SNMP SET request...

VulnCheck KEV: CVE-2006-5745

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP XML HTTP ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a...

security flaw

Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via 1 GetRequest, 2 GetNextRequest, and 3 SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly...