CVE-2026-8652

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

CVE-2026-8652

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

EUVD-2026-31620

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

EUVD-2019-8378

Malware in sbrugna...

CVE-2019-15712

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for...

PT-2025-2939 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.3 LTS through 9.4 CD Description: The web console of IBM MQ could allow a local user to obtain sensitive information when a detailed technical error message is returned. Recommendations: For IBM MQ versions 9.3 LTS through 9...

CVE-2024-47864

home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down...

PT-2023-2039 · Solarwinds · Solarwinds Orion

Name of the Vulnerable Software and Affected Versions: SolarWinds Orion affected versions not specified Description: The issue is related to the deserialization of untrusted data, which can allow a remote adversary with admin-level account access to the SolarWinds Web Console to execute arbitrary...

SolarWinds Platform 代码问题漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A security vulnerability exists in SolarWinds Platform version 2022.4.1, which stems from vulnerability to deserialization of untrustworthy data and can be exploited by an...

Vulnerability discovered in pfSense pfBlockerNG

Researchers have discovered a vulnerability in the pfBlockerNG package of pfSense. A malicious person could exploit it to execute arbitrary OS commands on the vulnerable system, when the malicious party has access to the web console of pfSense. It is good practice not to have such a console...

CVE-2022-36960

SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges...

CVE-2022-36964

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands...

PT-2022-23710 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands due to the Deserialization of Untrusted Data. Recommendations: At t...

SolarWinds Platform 代码问题漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A code issue vulnerability exists in SolarWinds Platform that stems from its susceptibility to deserialization of untrusted data leading to the execution of arbitrary...

CVE-2022-41746

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in...

Vulnerabilities fixed in Trend Micro Apex One

Vulnerabilities have been fixed in Trend Micro Apex One. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Increased user privileges To exploit the vulnerabilities, a...

Unauthorized Access Vulnerability in RG-NBR700G Router from Riptide Networks

RG-NBR700G is an Internet Behavior Management IBM router from Ruijie, which is designed for office scenarios. Unauthorized access vulnerability exists in RG-NBR700G, which can be exploited by an attacker to access the main page address of a web console or a connection that is not allowed to be...

CVE-2018-6443

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who...

CVE-2009-0857

Cross-site scripting XSS vulnerability in /prm/reports in the Performance Reporting Module PRM for Sun Management Center SunMC 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console...