1614 matches found
FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access
Summary Thermal Imaging Camera For Continuous Condition and Safety Monitoring FLIR AX8 is a thermal sensor with imaging capabilities. Combining thermal and visual cameras in a small, affordable package, the AX8 provides continuous temperature monitoring and alarming capabilities to protec critica...
SIEMENS ROX II elevation of privilege vulnerability (CNVD-2018-20533)
SIMATIC ROX II is a ROX-based VPN endpoint and firewall device for connecting devices that operate in harsh environments, such as power substations and traffic control cabinets. An elevation of privilege vulnerability exists in SIMATIC ROX II. An authenticated attacker with elevated user account...
Multiple Cisco Products IOS XE Software Elevation of Privilege Vulnerability
Cisco 4000 Series Integrated Services Routers and others are different models of router products from Cisco USA. in which IOS XE Software is used. an operating system developed by Cisco for its network devices. An elevation of privilege vulnerability exists in the shell access request mechanism o...
CVE-2018-15371
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
CVE-2018-15371
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
CVE-2018-15368
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Authentication flaw
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
CVE-2018-15371 Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
CVE-2018-15371 Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
CVE-2018-15371
CVE-2018-15371 affects Cisco IOS XE Software, specifically the shell access request mechanism. The issue is an authentication bypass that could let an authenticated, local attacker request access to the root shell and gain unrestricted root access due to insufficient authentication for certain co...
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...
openSUSE Security Update : znc (openSUSE-2018-819)
This update for znc fixes the following issues : - Update to version 1.7.1 - CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 - CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...
Security update for znc (moderate)
This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...
Security update for znc (moderate)
This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...
CVE-2018-10905
CloudForms Management Engine cfme is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user...
CVE-2018-0394
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the...
CVE-2018-0394
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the...
Input validation
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the...
CVE-2018-0394
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the...