Lucene search
+L

323 matches found

NVD
NVD
added 2022/11/17 11:15 p.m.22 views

CVE-2022-36785

D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. The window.location.href = http://192.168.1.1/setupWizard.asp" http://192.168.1.1/setupWizard.asp" ; "admin" – contains defaul...

7.5CVSS0.01894EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/17 12:0 a.m.20 views

PT-2022-23624 · D Link · D-Link G Integrated Access Device4

Name of the Vulnerable Software and Affected Versions: D-Link - G integrated Access Device4 affected versions not specified Description: The issue concerns information disclosure and authorization bypass. It involves a file containing a URL with a private IP address and default username value...

7.5CVSS6.4AI score0.01894EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/09/26 12:0 a.m.6 views

PT-2022-6962 · D Link · D-Link Dap-1325

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1325 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this issue. Th...

8.8CVSS7.5AI score0.01187EPSS
Exploits0References7
Citrix
Citrix
added 2022/08/01 12:0 a.m.9 views

Citrix Provisioning Console communication error while running on Azure

The Citrix Provisioning Console fails to communicate with Azure after TLS 1.0 has been disabled. This prevents the use of CVAD Setup Wizard or power management in Azure using the Citrix Provisioning Console or Citrix Provisioning PowerShell interfaces. This affects all version of Citrix...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2022/07/01 4:9 p.m.17 views

Stripo Inc: [SSRF] my.stripo.email via the setup-wizard parameter

A vulnerability in the setup wizard allowed SSRF. The issue has been resolved...

7AI score
Exploits0
OSV
OSV
added 2022/05/14 3:45 a.m.11 views

GHSA-R5X3-2446-HRP7 Race Condition in Jenkins

A race condition during Jenkins 2.81 through 2.94 inclusive; 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related...

8.1CVSS6.1AI score0.01145EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/05/03 8:15 p.m.3 views

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

4.6CVSS5.9AI score0.00101EPSS
Exploits0References2
OSV
OSV
added 2022/05/03 8:15 p.m.7 views

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

4.6CVSS5.8AI score0.00101EPSS
Exploits0References1
NVD
NVD
added 2022/05/03 8:15 p.m.20 views

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

4.6CVSS0.00101EPSS
Exploits0References1
Prion
Prion
added 2022/05/03 8:15 p.m.10 views

Improper access control

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

2.1CVSS4.6AI score0.00101EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 7:40 p.m.74 views

CVE-2022-28782

CVE-2022-28782 concerns Samsung’s Contents To Window in the context of the SMR May-2022 Release 1. The issue is described as an improper access control that could allow a physical attacker to install a package before the Setup wizard finishes. The available remediation is a patch that blocks the ...

4.6CVSS4.5AI score0.00101EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/03 12:0 a.m.5 views

PT-2022-19230 · Unknown · Contents To Window

Name of the Vulnerable Software and Affected Versions: Contents To Window versions prior to SMR May-2022 Release 1 Description: The issue is related to improper access control, allowing a physical attacker to install a package before the completion of the Setup wizard. This can be exploited by a...

4.6CVSS4.3AI score0.00101EPSS
Exploits0References4
Citrix
Citrix
added 2022/03/14 12:0 a.m.7 views

CVAD Setup Wizard Fails To Complete When Using Citrix Cloud - Index Was Out Of Range

Running the Provisioning Services CVAD Setup Wizard to create or add new machines to a Citrix Cloud catalog fails to create the devices. Upon clicking finish, after specifying wizard parameters, the wizard closes and the following error appears: Error: Index was out of range. Must be non-negative...

7AI score
Exploits0
Prion
Prion
added 2022/03/10 5:47 p.m.19 views

Improper access control

Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated...

5.8CVSS7.6AI score0.01472EPSS
Exploits1References1Affected Software5
OSV
OSV
added 2022/03/10 5:46 p.m.5 views

CVE-2022-24932

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...

4.6CVSS5.8AI score0.00106EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/10 5:46 p.m.6 views

CVE-2022-24932

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...

4.6CVSS5.8AI score0.00106EPSS
Exploits0References2
NVD
NVD
added 2022/03/10 5:46 p.m.31 views

CVE-2022-24932

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...

4.6CVSS0.00106EPSS
Exploits0References1
Prion
Prion
added 2022/03/10 5:46 p.m.23 views

Input validation

Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...

2.1CVSS4.6AI score0.00106EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

Samsung Setup wizard process安全漏洞

The Samsung Setup wizard process is an installation setup wizard from Samsung South Korea. A security vulnerability exists in the Samsung Setup wizard process that stems from improper protection of alternate paths during the installation wizard process, allowing an attacker to install the securit...

4.6CVSS5.1AI score0.00106EPSS
Exploits0References2
CVE
CVE
added 2022/03/08 1:46 p.m.102 views

CVE-2022-24932

The CVE-2022-24932 entry concerns Samsung Setup wizard: an Improper Protection of Alternate Path vulnerability in the Setup wizard process allows a physical attacker to install packages before the wizard completes. Affected versions are Setup wizard versions prior to SMR Mar-2022 Release 1. The u...

4.6CVSS4.5AI score0.00106EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder