216 matches found
多款Cisco产品缓冲区错误漏洞
The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...
多款Cisco产品缓冲区错误漏洞
The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...
The vulnerability of the web interface of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows attackers to gain unauthorized access to protected information.
The vulnerability of the web-based interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected informatio...
The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows a perpetrator to carry out a cross-site scripting attack.
The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA software lies in the insufficient protection of the web page structure. Exploiting this vulnerability can allow a malicious actor to execute a cross-site attac...
Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software
CVE-2020-3452 A WIP python script to exploit the directory tr...
CVE-2020-26553
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...
dahua
This is a collection of proof-of-concept PoC exploit code and research notes for various vulnerabilities in IP cameras and other network devices. The code is written in Python and C, and the notes provide information on the vulnerabilities, including the attack vector, authentication requirements...
CVE-2020-3580
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...
vulhub
It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The vulnerability class/vector is not...
The vulnerability in the web interface of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense micro-programming software allows a perpetrator to expose protected information.
The vulnerability of the web interfaces of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) allows a perpetrator to carry out cross-site scenario attacks.
The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripti...
The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection web interfaces is related to insufficient protection of the website structure...
CVE-2020-10042
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network...
Sql injection
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 named MR-1-Build396 and the v17.5 MR13 release. All other versio...
CVE-2020-15504
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 named MR-1-Build396 and the v17.5 MR13 release. All other versio...
Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 7.1.26 or 8.0.x prior to 8.1.13 or 8.1.x prior to 8.1.13 or 9.0.x prior to 9.0.6. It is, therefore, affected by a vulnerability. - A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama...
CVE-2020-3269
Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details...
Buffer Overflow Vulnerability in Multiple Cisco Products (CNVD-2020-34327)
Cisco Small Business RV016 Multi-WAN VPN, etc. are a VPN router from Cisco USA. A buffer overflow vulnerability exists in the Web management interface of several Cisco products, which arises from a program's failure to properly restrict user input boundaries, and can be exploited by a remote...
CVE-2020-4494
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 Linux and Windows, 8.1.9.0 trough 8.1.9.1 AIX and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 Linux, 8.1.9.0 through 8.1.9.1 AIX web user interfaces could allow an attacker to bypass authentication due to improper session...
CVE-2020-4406
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 Linux and Windows, 8.1.9.0 trough 8.1.9.1 AIX and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 Linux, 8.1.9.0 through 8.1.9.1 AIX web user interfaces could allow a remote attacker to hijack the clicking action of the victim...