BUFFALO Wi-Fi router 访问控制错误漏洞

The BUFFALO Wi-Fi router is a series of routers developed by the Japanese company BUFFALO. The BUFFALO Wi-Fi router has an access control vulnerability, which stems from the lack of authentication for key functions. This vulnerability could allow attackers to forcibly restart the product without...

Microchip TimePictra 安全漏洞

Microchip TimePictra is a synchronization network management software developed by the American company Microchip. Versions of Microchip TimePictra 11.3 SP2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for critical functions, which...

TÜBİTAK BİLGEM Liderahenk 访问控制错误漏洞

TÜBİTAK BİLGEM Liderahenk is a central management system of the Turkish company TÜBİTAK BİLGEM. Versions 3.3.1 and earlier, including 3.5.0, had access control vulnerabilities due to the lack of authentication for key functions, which could lead to remote code execution...

Universal FlexCity/Kiosk 访问控制错误漏洞

Universal FlexCity/Kiosk is a smart city self-service terminal system developed by the Turkish company Universal. Versions of Universal FlexCity/Kiosk prior to 1.0.36 contained an access control vulnerability. This vulnerability stemmed from privileged definitions that included insecure operation...

Sharp Media Player MP-01 安全漏洞

Sharp Media Player MP-01 is a commercial digital signage media player from Sharp Japan. A security vulnerability exists in Sharp Media Player MP-01, which stems from a lack of authentication for critical functions, and could lead to unauthorized access to the web interface and the ability to chan...

AOMEI Cyber Backup 访问控制错误漏洞

AOMEI Cyber Backup is a backup and restore software from China-based AOMEI Technology AOMEI. An access control error vulnerability exists in AOMEI Cyber Backup that stems from a lack of authentication for critical functions, which could lead to remote code execution...

The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions, allowing attackers to send emails with arbitrary content to any email address.

The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to send emails with arbitrary content to any email address...

Drupal Config Pages Viewer 安全漏洞

Drupal Config Pages Viewer is a configuration viewer for the Drupal community. A security vulnerability exists in Drupal Config Pages Viewer versions prior to 1.0.4, which stems from a lack of authentication for critical functions and could lead to improper access control...

Hammock AssetView 访问控制错误漏洞

Hammock AssetView is an IT asset management tool and information asset management software from Hammock Japan. An access control error vulnerability exists in Hammock AssetView that stems from a lack of authentication for critical functions, which could result in files being accessed or deleted...

Microsoft Azure PolicyWatch 访问控制错误漏洞

Microsoft Azure PolicyWatch is an application from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Azure PolicyWatch that stems from a lack of authentication for critical functions, allowing an unauthorized attacker to elevate privileges through the network...

The vulnerability of the microprogramming software of the ICU device and the iSTAR Pro door controller allows a intruder to carry out a “machine-in-the-midden” attack.

The vulnerability of the ICU tool and the iSTAR Pro door controller is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a remote attacker to execute a “midair attack”...

The vulnerability of the PUB Manager web-based system for managing technological processes in SIMATIC PCS neo allows a hacker to load arbitrary documents.

The vulnerability of the administration console of the SIMATIC PCS neo web-based process control system is related to the absence of authentication for critical functions. Exploiting this vulnerability could allow an attacker to download arbitrary documents remotely...

The vulnerability of the ASP.NET Viewstate component of the production process management software ABB eSOMS allows a hacker to disclose protected information.

The vulnerability of the ASP.NET Viewstate component of the ABB eSOMS production process management software is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

The vulnerability of the comprehensive data analysis solution for FortiPresence, related to the lack of authentication for critical functions, allows attackers to gain access to Redis and MongoDB instances.

The vulnerability of the FortiPresence user traffic analysis integrated solution lies in the lack of authentication for the critical function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to Redis and MongoDB instances by sending specially crafte...

NEC PC Settings Tool 安全漏洞

The NEC PC Settings Tool is a Nippon Electric NEC pre-installed settings tool for NEC-supplied computers. A security vulnerability exists in PC Settings Tool versions 10.x.x.x through 10.1.26.0 and 11.x.x.x through 11.0.22.0, which stems from missing authentication of critical functions. An...

Cognex 3D-A1000 Dimensioning System 访问控制错误漏洞

The Cognex 3D-A1000 Dimensioning System is a compact industrial smart camera capable of capturing 3D and 2D moving objects from Cognex Corporation. An access control error vulnerability exists in Cognex 3D-A1000 Dimensioning System version 1.0.3 3354 and prior versions, which stems from a lack of...