73 matches found
CVE-2019-12864
SolarWinds Orion Platform 2018.4 HF3 NPM 12.4, NetPath 1.1.4 is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us=false query parameter...
EUVD-2019-4442
Malware in sbrugna...
EUVD-2019-7585
Malware in sbrugna...
EUVD-2019-7586
Malware in sbrugna...
EUVD-2019-18918
Malware in sbrugna...
EUVD-2019-4443
Malware in sbrugna...
CVE-2021-28674
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...
CVE-2020-35856
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page...
PT-2024-1656 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform affected versions not specified Description: A SQL Injection Remote Code Execution issue was discovered in the SolarWinds Platform, specifically using an update statement. This issue requires user authentication to b...
The vulnerability of the BlacklistedFilesChecker software module in SolarWinds Orion Platform allows a hacker to execute arbitrary code.
The vulnerability of the BlacklistedFilesChecker software for network monitoring on the SolarWinds Orion Platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code within the SYSTEM conte...
The vulnerability of the SolarWinds Orion Platform’s network monitoring software lies in its deserialization mechanism flaws, which allows a hacker to execute arbitrary commands from the web console.
The vulnerability of the SolarWinds Orion Platform’s network monitoring software is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands from the web console...
PT-2023-7405 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform affected versions not specified Description: The issue is related to an incomplete list of disallowed inputs in the BlacklistedFilesChecker class of the SolarWinds Orion Platform, which can lead to remote code...
The vulnerability of the BlacklistedFilesChecker software module in SolarWinds Orion Platform allows a hacker to execute arbitrary code.
The vulnerability of the BlacklistedFilesChecker software for network monitoring on the SolarWinds Orion Platform is related to insufficient comparison. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the SYSTEM context...
The vulnerability of the UpdateActionsProperties method in the SolarWinds Orion Platform’s network monitoring software allows a hacker to execute arbitrary code.
The vulnerability of the UpdateActionsProperties method in the SolarWinds Orion Platform software monitoring solution is related to insufficient comparison. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of NETWORK SERVICE...
PT-2023-4341 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform affected versions not specified Description: The issue allows users with administrative access to the SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. This is due to an Incorrect...
PT-2023-4415 · Solarwinds · Solarwinds Orion Platform
Name of the Vulnerable Software and Affected Versions: SolarWinds Orion Platform affected versions not specified Description: The issue is related to an Incorrect Comparison Vulnerability in the SolarWinds Orion Platform, specifically in the BlacklistedFilesChecker class. This vulnerability allow...
The vulnerability of the SolarWinds Orion Platform’s network monitoring software, related to improper code generation management, allows a intruder to execute arbitrary commands.
The vulnerability of the SolarWinds Orion Platform’s network monitoring software lies in improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
PT-2023-6826 · Solarwinds · Solarwinds Orion Platform +2
Name of the Vulnerable Software and Affected Versions: SolarWinds Platform version 2022.4.1 Description: The issue is related to the deserialization of untrusted data in the SolarWinds Orion Platform, which can be exploited by a remote adversary with admin-level access to the SolarWinds Web...
Solarwinds Orion Platform 跨站脚本漏洞
Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices, as well as support for customized web interfaces, multiple user comments, and a mapped view of the entire...
SolarWinds Orion Platform < 2022.3 Multiple Vulnerabilities
The version of SolarWinds Orion Platform installed on the remote host is prior to 2022.3. It is, therefore, affected by multiple vulnerabilities as referenced in the solarwindsplatform20223 advisory. - A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated...