CVE-2023-42035 Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability

Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

CVE-2023-42035

Summary: CVE-2023-42035 affects Visualware MyConnection Server, arising from the doIForward method and improper restriction of XML External Entity (XXE) references. A crafted XML document can cause the parser to retrieve a URI and embed its contents back into the XML, leading to information discl...

CVE-2023-42034 Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability

Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to exploit this...

CVE-2023-42034

Visualware MyConnection Server is affected by CVE-2023-42034 in the doRTAAccessCTConfig path, enabling Cross-Site Scripting that bypasses authentication. The flaw arises from insufficient validation of user-supplied data, permitting injection of arbitrary script and resulting in a remote authenti...

CVE-2023-42033 Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability

Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Visualware MyConnection Server. Although authentication is required to exploit this...

CVE-2023-42033

Visualware MyConnection Server is affected by CVE-2023-42033 via the doPostUploadfiles directory traversal, allowing remote code execution with root context. The flaw is due to insufficient validation of a user-supplied path before file operations. Exploitation requires authentication, but authen...

CVE-2023-42032 Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

CVE-2023-42032 Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

CVE-2023-42032

CVE-2023-42032 affects Visualware MyConnection Server. The doRTAAccessUPass method is exposed, creating an unauthenticated remote information disclosure vulnerability. Multiple connected sources corroborate that an attacker can disclose sensitive data within the application context without authen...

Visualware MyConnection Server 安全漏洞

Visualware MyConnection Server is a software application from Visualware, Inc. Providing accurate measurements of network quality and performance ensures a good user experience. A security vulnerability exists in Visualware MyConnection Server, which arises from a specific flaw in the doIForward...

The vulnerability of the doRTAAccessCTConfig method in the software for testing and monitoring network quality by Visualware MyConnection Server allows a hacker to circumvent existing security restrictions.

The vulnerability of the doRTAAccessCTConfig method exists in the software used for testing and monitoring network quality by Visualware MyConnection Server. This vulnerability arises due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a...

Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doIForward method. Due to the improper restriction of XML...

Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Visualware MyConnection Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the doRTAAccessCTConfig method. The issue results from the lack of...

PT-2023-28223 · Visualware · Visualware Myconnection Server

Name of the Vulnerable Software and Affected Versions: Visualware MyConnection Server affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to...

PT-2023-4977 · Visualware · Visualware Myconnection Server

Name of the Vulnerable Software and Affected Versions: Visualware MyConnection Server affected versions not specified Description: This issue allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to explo...

Visualware MyConnection Server File Upload Vulnerability

Visualware MyConnection Server is a software application from Visualware, Inc. Providing accurate measurements of network quality and performance ensures a great user experience. A file upload vulnerability exists in Visualware MyConnection Server 11.0b build 5382 and prior versions, which...

CVE-2021-27198

An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation run...

CVE-2021-27198

An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation run...

CVE-2021-27198

Visualware MyConnection Server is affected by an unauthenticated remote code execution vulnerability (CVE-2021-27198) present in versions prior to 11.1a. The issue arises via an arbitrary file upload in the web service through the myspeed/sf?filename= URI, enabling code execution on the server (W...