163 matches found
Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-45614)
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities resul...
CVE-2024-25331
DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow...
TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection
#!/usr/bin/env python TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection PoC Exploit Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters...
CVE-2018-25095 Duplicator < 1.3.0 - Unauthenticated RCE
The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be used to run arbitrary code on the server...
PT-2024-22: (Unauth Remote Code Execution) in MyQ Print Server
The vulnerability was identified in MyQ Print Server, versions 8.2 patch 43. An Unauthenticated Remote Code Execution vulnerability can be exploited by an attacker to gain elevated privileges on the target server. Vulnerability status: Confirmed by vendor Date of vulnerability detection: 25.12.20...
Exploit for Missing Authorization in Zoneminder
CVE-2023-26035 Unauthenticated RCE in ZoneMinder Snapshots - P...
CVE-2023-45614
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities resul...
Aruba Networks ArubaOS and InstantOS Security Vulnerabilities
Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc. Aruba Networks InstantOS is an Arch Linux-based distribution. Aruba Networks ArubaOS and InstantOS have security vulnerabilities that stem from a buffer overflow vulnerability in the underlying CLI servi...
Deserialization of untrusted data
Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, an unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate. This can lead to unauthenticated remote code execution. This can be performed through the UI at /confi...
Frigate Code Issue Vulnerability
Frigate is a complete local NVR designed for home assistants with AI object detection by Blake Blackshear Personal Developer. A code issue vulnerability exists in versions prior to Frigate 0.13.0 Beta 3 that stems from the presence of an insecure deserialization vulnerability that could lead to...
K000137368: Overview of F5 vulnerabilities (October 26, 2023)
Security Advisory Description On October 26, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
CVE-2023-43208
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...
CVE-2023-43208
NextGen Healthcare Mirth Connect (before 4.4.1) is affected by a deserialization of untrusted data vulnerability that allows unauthenticated remote code execution. Root cause: an incomplete patch of CVE-2023-37679 left a gadget chain bypassing the original deny list, enabling RCE via crafted HTTP...
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server backend. This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15...
Jorani Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...
CVE-2023-35980 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...
CVE-2023-37170
TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function...
CVE-2023-22786
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...
Buffer overflow
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...
CVE-2023-22785 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...