Authentication flaw

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI...

CVE-2017-2185

HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI...

CVE-2017-2186

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI...

CVE-2017-2184

The CVE-2017-2184 entry affects the HOME SPOT CUBE2 firmware (V101 and earlier). The vulnerability is a buffer overflow in the WebUI that can allow an attacker with access to the device’s management screen to execute arbitrary code. Public sources (NVD, JVN, CVE list) corroborate that an attacker...

CVE-2017-2185

CVE-2017-2185 affects HOME SPOT CUBE2 firmware v101 and earlier. The vulnerability is an OS command injection in the WebUI that allows an authenticated attacker to execute arbitrary OS commands. Root cause: improper handling of commands in the WebUI, enabling arbitrary command execution when mana...

CVE-2017-2184

Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI...

EMC RSA Archer WebUI Detection

Binary data emcrsaarcherdetect.nbin...

Check_MK Server WebUI Detection

Binary data checkmkdetectwebui.nbin...

HOME SPOT CUBE2 vulnerable to OS command injection in WebUI

Overview HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains OS command injection in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

KDDI HOME SPOT CUBE2 WebUI Authentication Bypass Vulnerability

KDDI HOME SPOT CUBE is a home wireless router product from KDDI Japan.WebUI is one of the graphical user interfaces. An authentication bypass vulnerability exists in the WebUI in KDDI HOME SPOT CUBE2 using firmware version 101 and earlier. An attacker can exploit this vulnerability to bypass...

Google Chrome WebUI Code Execution Vulnerability

Google Chrome is a web browser developed by Google Inc. in the United States. A security vulnerability exists in the Google Chrome WebUI page, which allows remote attackers to exploit the vulnerability to construct a malicious Web page that can be tricked into parsing by users, which can crash an...

Arachni Version Detection

Detects the installed version of Arachni. The script detects the version of Arachni remote host and sets the KB. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Security update for chromium (important)

This update to Chromium 59.0.3071.86 fixes the following security issues: - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetooth...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071....

openSUSE Security Update : chromium (openSUSE-2017-661)

This update to Chromium 59.0.3071.86 fixes the following security issues : - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetoot...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

Binary data 700131.pasl...

Google Chrome WebUI Page JavaScript Code Execution Vulnerability

Google Chrome is a web browser developed by Google, Inc.WebUI pages are a graphical user interface. A JavaScript code execution vulnerability exists in WebUI pages in versions of Google Chrome prior to 59.0.3071.86. An attacker can exploit this vulnerability to execute JavaScript code...

openSUSE Security Update : deluge (openSUSE-2017-656)

This update for deluge fixes two security issues : - CVE-2017-9031: A remote attacker may have used a directory traversal vulnerability in the web interface bsc1039815 - CVE-2017-7178: A remote attacher could have exploited a CSRF vulnerability to trick a logged-in user to perform actions in the...

openSUSE: Security Advisory for deluge (openSUSE-SU-2017:1497-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...