704 matches found

CNVD
added 2023/10/23 12:0 a.m. · 18 views

Cisco Catalyst SD-WAN Manager Local File Inclusion Vulnerability

Cisco Catalyst SD-WAN Manager is an open and secure management console for cloud-level architectures. A local file inclusion vulnerability exists in the Cisco Catalyst SD-WAN Manager web UI, which can be exploited by a remote attacker to submit a special request that can read the contents of a...

6.5 CVSS · 6.7 AI score · 0.00529 EPSS
Exploits: 0 · References: 1

Vulnrichment
added 2023/09/28 5:23 p.m. · 13 views

CVE-2023-43044 IBM License Metric Tool directory traversal

IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 266893...

5.3 CVSS · 6.5 AI score · 0.00816 EPSS
Exploits: 0 · References: 2

Cvelist
added 2023/08/30 9:7 p.m. · 26 views

CVE-2023-41040 GitPython blind local file inclusion

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git...

4 CVSS · 6.4 AI score · 0.01012 EPSS
Exploits: 1 · References: 8

OSV
added 2023/08/25 10:15 p.m. · 2 views

CVE-2023-4542

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

9.8 CVSS · 5.5 AI score
Exploits: 0 · References: 3

Citrix
added 2023/08/23 12:0 a.m. · 7 views

"Failed to convert Boot Configuration Data. The system cannot find the file specified. (0x00000002)"

Attempting to run P2pvs and get error "Failed to convert Boot Configuration Data. The system cannot find the file specified. 0x00000002" Followed https://support.citrix.com/article/CTX202159 and still same issue...

7.1 AI score
Exploits: 0

Cvelist
added 2023/08/17 3:5 p.m. · 22 views

CVE-2023-2915 Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can...

7.5 CVSS · 9.3 AI score · 0.78093 EPSS
Exploits: 1 · References: 1

OSV
added 2023/08/13 1:15 p.m. · 3 views

CVE-2023-39391

Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality...

7.5 CVSS · 5.8 AI score · 0.00337 EPSS
Exploits: 0 · References: 2

Cvelist
added 2023/08/13 12:25 p.m. · 12 views

CVE-2023-39391

Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality...

7.6 AI score · 0.00337 EPSS
Exploits: 0 · References: 2

OSV
added 2023/08/02 11:15 p.m. · 2 views

CVE-2023-3329

SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...

6.5 CVSS · 5.8 AI score · 0.01049 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2023/08/02 12:0 a.m. · 4 views

PT-2023-23526 · Brocade · Brocade Fabric Os

Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.1.1c Brocade Fabric OS versions prior to 9.2.0 Description: The issue allows system files to be overwritten using the less command. Recommendations: For Brocade Fabric OS versions prior to 9.1.1c, update ...

7.1 CVSS · 6.9 AI score · 0.00148 EPSS
Exploits: 0 · References: 4

CNNVD
added 2023/08/02 12:0 a.m. · 4 views

Brocade Fabric OS Security Vulnerabilities

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. A security vulnerability exists in Brocade Fabric OS versions prior to v9.2.0, which stems from the ability to overwrite system files using the less command...

7.1 CVSS · 6.7 AI score · 0.00148 EPSS
Exploits: 0 · References: 3

OSV
added 2023/07/18 6:15 p.m. · 2 views

CVE-2020-22159

EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 27, and 7890IXG V494 are vulnerable to Arbitrary File Upload, allowing an authenticated attacker to upload a webshell or overwrite any critical system files...

8.8 CVSS · 5.8 AI score · 0.0081 EPSS
Exploits: 1 · References: 2

CNNVD
added 2023/07/18 12:0 a.m. · 3 views

EVERTZ 3080IPX Code Issue Vulnerability

EVERTZ 3080IPX is a web-based broadcast distribution solution from EVERTZ Corporation. A security vulnerability exists in the EVERTZ 3080IPX that stems from an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to upload a webshell or overwrite arbitrary system files...

8.8 CVSS · 8.1 AI score · 0.0081 EPSS
Exploits: 1 · References: 3

OSV
added 2023/07/11 3:15 a.m. · 2 views

CVE-2023-33989

An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...

8.1 CVSS · 5.8 AI score · 0.00807 EPSS
Exploits: 0 · References: 2

CNNVD
added 2023/05/09 12:0 a.m. · 3 views

Microsoft Windows Win32K Security Vulnerability

Microsoft Windows Win32k is a system file for Windows multi-user administration from Microsoft USA. A security vulnerability exists in Microsoft Windows Win32K. The following products and versions are affected: Windows 11 version 21H2 for x64-based Systems, Windows 11 version 21H2 for ARM64-based...

7.8 CVSS · 8.2 AI score · 0.05092 EPSS
Exploits: 0 · References: 5

ATTACKERKB
added 2023/05/02 6:30 a.m. · 1 views

CVE-2022-47617

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption...

7.2 CVSS · 7.2 AI score · 0.0051 EPSS
Exploits: 0 · References: 2

Vulnrichment
added 2023/04/25 5:0 p.m. · 8 views

CVE-2023-29200 contao/core-bundle has path traversal vulnerability in the file manager

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

4.3 CVSS · 6.4 AI score · 0.00797 EPSS
Exploits: 0 · References: 3

OSV
added 2023/04/25 5:0 p.m. · 20 views

CVE-2023-29200 contao/core-bundle has path traversal vulnerability in the file manager

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

4.3 CVSS · 6.4 AI score · 0.00797 EPSS
Exploits: 0 · References: 5

Positive Technologies
added 2023/04/25 12:0 a.m. · 3 views

PT-2023-20956 · Shanling · Shanling M5S +2

Name of the Vulnerable Software and Affected Versions: Shanling M5S Portable Music Player with Shanling MTouch OS version 4.3 Shanling M2X Portable Music Player with Shanling MTouch OS version 3.3 Description: A vulnerability in the Wi-Fi file transfer module allows attackers to arbitrarily read,...

9.8 CVSS · 9.4 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

Vulnrichment
added 2023/04/25 12:0 a.m. · 7 views

CVE-2023-27105

A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal...

9.5 AI score · 0.01339 EPSS
Exploits: 1 · References: 2