330 matches found

Exploit DB
added 2023/03/31 12:0 a.m. · 183 views

ASKEY RTF3505VW-N1 - Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

7.4 AI score
Exploits 0
Positive Technologies
added 2023/02/22 12:0 a.m. · 3 views

PT-2023-12967 · Unknown · Pfsense Ce +1

Name of the Vulnerable Software and Affected Versions: pfSense CE versions 2.6.0 and earlier pfSense Plus versions prior to 22.05 Description: The issue allows for XSS in the WebGUI via URL Table Alias URL parameters. This means an attacker could potentially inject malicious scripts into the web...

6.1 CVSS · 6 AI score · 0.59562 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2023/02/17 12:0 a.m. · 24 views

WAGO Series 750-88x and 750-87x Use of Hard-Coded Credentials (CVE-2019-10712)

The Web-GUI on WAGO Series 750-88x 750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889 and Series 750-87x 750-830, 750-849, 750-871, 750-872, 750-873 devices has undocumented service access. This plugin only works with Tenable.ot. Please visit...

9.8 CVSS · 8.4 AI score · 0.02763 EPSS
Exploits 0 · References 11
Fortinet
added 2023/02/16 12:0 a.m. · 30 views

FortiWeb - OS command injection in Web GUI

An improper neutralization of special elements used in an os command 'OS Command Injection' CWE-78 in FortiWeb may allow an authenticated attacker to execute arbitrary shell code as root user via crafted HTTP requests...

6.5 CVSS · 8.9 AI score · 0.0261 EPSS
Exploits 0 · Affected Software 1
0day.today
added 2023/01/22 12:0 a.m. · 410 views

ASKEY RTF3505VW-N1 Privilege Escalation Vulnerability

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

7.4 AI score
Exploits 0
OSV
added 2023/01/20 7:15 p.m. · 2 views

CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

7.5 CVSS · 6.1 AI score · 0.01255 EPSS
Exploits 0 · References 2
NVD
added 2023/01/20 7:15 p.m. · 21 views

CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

7.5 CVSS · 8 AI score · 0.01255 EPSS
Exploits 0 · References 2
NVD
added 2023/01/20 7:15 p.m. · 13 views

CVE-2020-22657

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

9.1 CVSS · 9.3 AI score · 0.006 EPSS
Exploits 0 · References 2
Prion
added 2023/01/20 7:15 p.m. · 15 views

Authentication flaw

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

6.4 CVSS · 9.1 AI score · 0.006 EPSS
Exploits 0 · References 1 · Affected Software 14
Vulnrichment
added 2023/01/20 12:0 a.m. · 4 views

CVE-2020-22657

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

9.4 AI score · 0.006 EPSS
Exploits 0 · References 2
Cvelist
added 2023/01/20 12:0 a.m. · 19 views

CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

8 AI score · 0.01255 EPSS
Exploits 0 · References 2
Cvelist
added 2023/01/20 12:0 a.m. · 22 views

CVE-2020-22657

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

9.3 AI score · 0.006 EPSS
Exploits 0 · References 2
hivepro
added 2023/01/06 2:9 p.m. · 31 views

Several vulnerabilities are addressed by Fortinet across its product range

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet addressed security vulnerabilities across its products, most notably FortiADC, which has a high-severity command injection bug listed as CVE-2022-39947 due to incorrect input validation i...

2 AI score · 0.02891 EPSS
Exploits 0
Fortinet
added 2023/01/03 12:0 a.m. · 43 views

FortiADC - command injection in web interface

An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiADC may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP requests...

6.5 CVSS · 8.6 AI score · 0.02891 EPSS
Exploits 0 · Affected Software 1
Packet Storm
added 2022/12/15 12:0 a.m. · 281 views

Syncovery For Linux Web-GUI Authenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'json' class MetasploitModule 'Syncovery For Linux Web-GUI Authenticated Remote Command Execution', 'Description' = %q This module exploits an authenticated...

8.8 CVSS · 0.9 AI score · 0.54237 EPSS
Exploits 4
0day.today
added 2022/12/15 12:0 a.m. · 234 views

Syncovery For Linux Web-GUI Authenticated Remote Command Execution Exploit

This Metasploit module exploits an authenticated command injection vulnerability in the Web GUI of Syncovery File Sync and Backup Software for Linux. Successful exploitation results in remote code execution under the context of the root user. Syncovery allows an authenticated user to create jobs,...

8.8 CVSS · 9.2 AI score · 0.54237 EPSS
Exploits 4
Metasploit
added 2022/12/14 7:51 p.m. · 163 views

Syncovery For Linux Web-GUI Authenticated Remote Command Execution

This module exploits an authenticated command injection vulnerability in the Web GUI of Syncovery File Sync & Backup Software for Linux. Successful exploitation results in remote code execution under the context of the root user. Syncovery allows an authenticated user to create jobs, which are...

8.8 CVSS · 9 AI score · 0.54237 EPSS
Exploits 4
Metasploit
added 2022/12/14 7:51 p.m. · 225 views

Syncovery For Linux Web-GUI Session Token Brute-Forcer

This module attempts to brute-force a valid session token for the Syncovery File Sync & Backup Software Web-GUI by generating all possible tokens, for every second between 'DateTime.now' and the given X days. By default today and yesterday DAYS = 1 will be checked. If a valid session token is...

9.8 CVSS · 8.4 AI score · 0.05145 EPSS
Exploits 3
GithubExploit
added 2022/12/07 2:58 a.m. · 2 views

Exploit for Incorrect Default Permissions in Askey Rtf3505Vw-N1_Firmware

Privilege-escalation-ASKEY-Router-RTF3505VW-N1 CVE-2022-47040...

7.8 CVSS · 7.8 AI score · 0.00345 EPSS
Exploits 2
Metasploit
added 2022/12/05 7:51 p.m. · 365 views

Syncovery For Linux Web-GUI Login Utility

This module will attempt to authenticate to Syncovery File Sync & Backup Software For Linux Web-GUI. Module Options msf use auxiliary/scanner/http/syncoverylinuxlogin msf auxiliarysyncoverylinuxlogin show actions ...actions... msf auxiliarysyncoverylinuxlogin set ACTION msf...

5.9 AI score
Exploits 0