214 matches found
CVE-2023-3704
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...
Input validation
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...
CVE-2023-3704 Timestamp Modification Vulnerability in CP-Plus Digital Video Recorder
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...
CVE-2023-3704 Timestamp Modification Vulnerability in CP-Plus Digital Video Recorder
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...
PT-2023-25770
Name of the Vulnerable Software and Affected Versions CP-Plus DVR affected versions not specified Description The issue exists due to improper input validation within the web-based management interface. An unauthenticated remote attacker could exploit this by sending specially crafted HTTP reques...
CVE-2023-31529
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...
CVE-2023-31529
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...
Motorola CX2 命令注入漏洞
The Motorola CX2 is a wireless router from Motorola USA. A command injection vulnerability exists in the Motorola CX2L Router version 1.0.1, which was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...
CVE-2023-31529
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...
PT-2023-19481 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A stack overflow issue was discovered via the timeType function at the "/goform/SetSysTimeCfg" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, consider disabling access to the...
K55376430: NTP vulnerabilities CVE-2020-13817
Security Advisory Description The ntpd in the network time protocol NTP before 4.2.8p14, and in 4.3.x before 4.3.100, allows remote attackers to cause a denial-of-service DoS, either daemon exit or system time change, by predicting transmit timestamps for use in spoofed packets. The victim must b...
SUSE CVE-2013-1797
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service host OS memory corruption or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address GPA in 1 movable or 2...
CVE-2022-30564
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...
部分Dahua产品 安全漏洞
Dahua software products are a series of applications from the Chinese company Dahua. A security vulnerability exists in some of the Dahua products, which arises from the ability to modify the system time via a special method...
CVE-2022-30564
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
UBUNTU-CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
pfSense-pkg-WireGuard 安全漏洞
pfSense-pkg-WireGuard is a VPN component for pfSense from pfSense Open Source. A security vulnerability exists in pfSense-pkg-WireGuard version 0.5.3, which stems from not considering the possibility that the system time is set to a future value, resulting in a permanently invalid static private...
CVE-2021-46873
CVE-2021-46873 concerns WireGuard (e.g., WireGuard 0.5.3 on Windows) where an attacker could force a victim’s system time forward (e.g., via unauthenticated NTP). The result is that one static private key may become permanently useless. The connected documents confirm the affected component and t...