30 matches found
Auerswald COMfortel 1400和2600 IP 授权问题漏洞
The Auerswald Comfortel 1400 Ip is an Ip phone from Auerswald Germany. A security vulnerability exists in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desk phones. The vulnerability allows access to configuration data and settings in the web-based...
CVE-2020-13124
SABnzbd 2.3.9 and 3.0.0Alpha2 expose a command-injection vulnerability via the web configuration interface that allows an authenticated user to execute arbitrary Python commands on the underlying OS. The provided documents identify the affected versions and vulnerability class but do not specify ...
CVE-2020-13124
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system...
Design/Logic Flaw
A vulnerability has been identified in SCALANCE X204RNA HSR, SCALANCE X204RNA PRP, SCALANCE X204RNA EEC HSR, SCALANCE X204RNA EEC PRP, SCALANCE X204RNA EEC PRP/HSR, SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-...
CVE-2019-13933
CVE-2019-13933 affects Siemens SCALANCE X switches (multiple models including X-200RNA, X-300 family, XR324, XR324-4M, etc.). The root cause is an unauthenticated access vulnerability in the device web configuration interface that allows a remote attacker to bypass access-control rules by sending...
FreePBX 13.0.35 remote code execution
A vulnerability overview 1. Vulnerability description FreePBX is called the Asterisk Management Portal, IP telephony tools Asterisk standardized implementation that provides a Web configuration interface and other workers FreePBX in functions.inc.php file exists for the parameters without...
SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service...
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service to legitimate users of a vulnerab...
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
// source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service to legitimate users of a...
CVE-2000-0945
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory...