Lucene search
K

365 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.6 views

CVE-2019-10040

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication...

10CVSS7.3AI score0.02522EPSS
Exploits1References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

D-Link DIR-816 A2 Command Injection Vulnerability

The D-Link DIR-816 A2 is a wireless router from China's AUO D-Link. The D-Link DIR-816 A2 suffers from a command injection vulnerability that stems from iptablesWebsFilterRun failing to properly filter constructor command special characters, commands, etc. No detailed vulnerability details are...

6.3CVSS9.7AI score0.0105EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.10 views

The vulnerability of D-Link DIR-816 A2’s microprogrammed software, related to the lack of measures taken to clean data at the management level, allows a hacker to execute arbitrary code.

The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.5CVSS5.9AI score0.0104EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.3 views

D-Link DIR-816 A2 安全漏洞

The D-Link DIR-816 A2 is a wireless router from China's AUO D-Link. The D-Link DIR-816 A2 suffers from a command injection vulnerability that stems from iptablesWebsFilterRun failing to properly filter constructor command special characters, commands, etc. No detailed vulnerability details are...

6.3CVSS7.6AI score0.0105EPSS
Exploits1References1
CNVD
CNVD
added 2025/04/25 12:0 a.m.1 views

D-Link DIR-816 A2 Command Injection Vulnerability

The D-Link DIR-816 A2 is a home and small office SOHO wireless router from D-Link. A command injection vulnerability exists in the D-Link DIR-816 A2. The vulnerability originates in the /goform/delRouting path. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.0104EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.5 views

D-Link DIR-816 A2 安全漏洞

The D-Link DIR-816 A2 is a home and small office SOHO wireless router from D-Link. A command injection vulnerability exists in the D-Link DIR-816 A2. The vulnerability originates in the /goform/delRouting path. No detailed vulnerability details are provided at this time...

6.5CVSS7.6AI score0.0104EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/06 2:30 a.m.24 views

CVE-2025-25061

Unintended proxy or intermediary 'Confused Deputy' issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack...

5.8CVSS7.1AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/06 2:29 a.m.23 views

CVE-2025-24317

Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a denial-of-service DoS condition...

5.3CVSS7AI score0.00575EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 2:15 a.m.7 views

CVE-2025-25061

Unintended proxy or intermediary 'Confused Deputy' issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack...

5.8CVSS0.00429EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/04 2:10 a.m.7 views

CVE-2025-25061

Unintended proxy or intermediary 'Confused Deputy' issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack...

5.8CVSS7.3AI score0.00429EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/04 2:10 a.m.12 views

CVE-2025-25061

Unintended proxy or intermediary 'Confused Deputy' issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack...

5.8CVSS0.00429EPSS
Exploits0References3
CVE
CVE
added 2025/04/04 2:10 a.m.49 views

CVE-2025-25061

CVE-2025-25061 affects JTEKT/HMI ViewJet C-more and HMI GC-A2 series. Description: an unintended proxy/intermediary (Confused Deputy) vulnerability could allow a remote unauthenticated attacker to use the product as an intermediary for an FTP bounce attack. Impact: attacker may misuse the product...

5.8CVSS7.3AI score0.00429EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/04 2:9 a.m.8 views

CVE-2025-24317

Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a denial-of-service DoS condition...

5.3CVSS7.2AI score0.00575EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/04 2:9 a.m.21 views

CVE-2025-24317

Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a denial-of-service DoS condition...

5.3CVSS0.00575EPSS
Exploits0References3
CVE
CVE
added 2025/04/04 2:9 a.m.48 views

CVE-2025-24317

CVE-2025-24317 affects JTEKT ELECTRONICS ViewJet C-more series and HMI GC-A2 series. The root cause is an Allocation of Resources Without Limits or Throttling (CWE-770). The vulnerability could allow a remote unauthenticated attacker to trigger a DoS condition, as described in multiple sources (N...

5.3CVSS7.2AI score0.00575EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/04 12:0 a.m.7 views

The vulnerability of the microprogrammed software for ViewJet C-more Series and GC-A2 Series touch panels lies in their ability to bypass access control mechanisms, allowing intruders to compromise the integrity of the protected information.

The vulnerability of the microprogrammed software in the ViewJet C-more Series and GC-A2 Series sensor panels lies in their ability to bypass access control mechanisms. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

5.8CVSS6.4AI score0.00429EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/04/04 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the ViewJet C-more Series and GC-A2 Series sensor panels, related to unlimited distribution of resources, allows a intruder to cause service failures.

The vulnerability of the microprogrammed software in the ViewJet C-more Series and GC-A2 Series sensor panels is related to unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.3CVSS6.2AI score0.00575EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/02 6:12 a.m.5 views

Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products

Overview HMI ViewJet C-more series and HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contain multiple vulnerabilities listed below. Improper Restriction of Rendered UI Layers or Frames CWE-1021 - CVE-2025-24310 Allocation of Resources Without Limits or Throttling CWE-770 -...

7.2CVSS7AI score0.00974EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/02 12:0 a.m.17 views

JVN#17260367: Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products

HMI ViewJet C-more series and HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contain multiple vulnerabilities listed below. Improper Restriction of Rendered UI Layers or Frames CWE-1021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2025-24310 Allocation of Resources...

6.5CVSS7.5AI score0.00575EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.4 views

PT-2025-14825 · Unknown · Hmi Gc-A2 Series +1

Name of the Vulnerable Software and Affected Versions: HMI ViewJet C-more series affected versions not specified HMI GC-A2 series affected versions not specified Description: A resource allocation issue without limits or throttling exists, potentially allowing a remote unauthenticated attacker to...

5.3CVSS6.7AI score0.00575EPSS
Exploits0References13
Rows per page
Query Builder