Lucene search
K

214 matches found

NVD
NVD
added 2023/08/24 7:15 a.m.30 views

CVE-2023-3704

The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...

5.3CVSS5.3AI score0.00527EPSS
Exploits0References1
Prion
Prion
added 2023/08/24 7:15 a.m.26 views

Input validation

The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...

5CVSS5.3AI score0.00527EPSS
Exploits0References1Affected Software9
Vulnrichment
Vulnrichment
added 2023/08/24 6:42 a.m.17 views

CVE-2023-3704 Timestamp Modification Vulnerability in CP-Plus Digital Video Recorder

The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...

5.3CVSS7AI score0.00527EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/24 6:42 a.m.32 views

CVE-2023-3704 Timestamp Modification Vulnerability in CP-Plus Digital Video Recorder

The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful...

5.3CVSS5.6AI score0.00527EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/24 12:0 a.m.8 views

PT-2023-25770

Name of the Vulnerable Software and Affected Versions CP-Plus DVR affected versions not specified Description The issue exists due to improper input validation within the web-based management interface. An unauthenticated remote attacker could exploit this by sending specially crafted HTTP reques...

5.3CVSS5.5AI score0.00527EPSS
Exploits0References3
OSV
OSV
added 2023/05/11 10:15 p.m.4 views

CVE-2023-31529

Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...

8.8CVSS7.3AI score0.0221EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/05/11 12:0 a.m.15 views

CVE-2023-31529

Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...

9.2AI score0.0221EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/11 12:0 a.m.7 views

Motorola CX2 命令注入漏洞

The Motorola CX2 is a wireless router from Motorola USA. A command injection vulnerability exists in the Motorola CX2L Router version 1.0.1, which was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...

8.8CVSS8AI score0.0221EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.6 views

CVE-2023-31529

Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the systemtimetimezone parameter...

9AI score0.0221EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.3 views

PT-2023-19481 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A stack overflow issue was discovered via the timeType function at the "/goform/SetSysTimeCfg" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, consider disabling access to the...

9.8CVSS9.5AI score0.01056EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2023/02/21 6:32 p.m.36 views

K55376430: NTP vulnerabilities CVE-2020-13817

Security Advisory Description The ntpd in the network time protocol NTP before 4.2.8p14, and in 4.3.x before 4.3.100, allows remote attackers to cause a denial-of-service DoS, either daemon exit or system time change, by predicting transmit timestamps for use in spoofed packets. The victim must b...

7.4CVSS6.6AI score0.04071EPSS
Exploits0Affected Software16
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.5 views

SUSE CVE-2013-1797

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service host OS memory corruption or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address GPA in 1 movable or 2...

6.8CVSS7AI score0.00894EPSS
Exploits0References12
NVD
NVD
added 2023/02/09 5:15 p.m.18 views

CVE-2022-30564

Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...

5.3CVSS5.2AI score0.00438EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/09 12:0 a.m.4 views

部分Dahua产品 安全漏洞

Dahua software products are a series of applications from the Chinese company Dahua. A security vulnerability exists in some of the Dahua products, which arises from the ability to modify the system time via a special method...

5.3CVSS5.7AI score0.00438EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.21 views

CVE-2022-30564

Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...

5.5AI score0.00438EPSS
Exploits0References1
OSV
OSV
added 2023/01/29 11:15 p.m.16 views

CVE-2021-46873

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...

5.3CVSS5.3AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/01/29 11:15 p.m.28 views

CVE-2021-46873

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...

5.3CVSS6.1AI score0.00472EPSS
Exploits0References2
OSV
OSV
added 2023/01/29 11:15 p.m.3 views

UBUNTU-CVE-2021-46873

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...

5.3CVSS6AI score0.00472EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/29 12:0 a.m.4 views

pfSense-pkg-WireGuard 安全漏洞

pfSense-pkg-WireGuard is a VPN component for pfSense from pfSense Open Source. A security vulnerability exists in pfSense-pkg-WireGuard version 0.5.3, which stems from not considering the possibility that the system time is set to a future value, resulting in a permanently invalid static private...

5.3CVSS5.7AI score0.00472EPSS
Exploits0References2
CVE
CVE
added 2023/01/29 12:0 a.m.53 views

CVE-2021-46873

CVE-2021-46873 concerns WireGuard (e.g., WireGuard 0.5.3 on Windows) where an attacker could force a victim’s system time forward (e.g., via unauthenticated NTP). The result is that one static private key may become permanently useless. The connected documents confirm the affected component and t...

5.3CVSS5.2AI score0.00472EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder