144 matches found
Electrolink FM/DAB/TV Transmitter Remote Authentication Removal Exploit
Electrolink FM/DAB/TV Transmitter suffers from an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. It is also vulnerable to account takeover and arbitrary password change. !/usr/bin/env python Electrolink FM/DAB/T...
Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) Credential Disclosure Vulnerability
The Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in login.htm and mail.htm that can allow security bypass and system access. Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page:...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator. Electrolink FM/DAB/TV Transmitter Vertica...
Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass
Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W, 1kW...
Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except NO to the Login Cookie and have full system access. Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor:...
Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) Credential Disclosure
Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...
Electrolink FM/DAB/TV Transmitter (controlloLogin.js) Credential Disclosure Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in controlloLogin.js that can allow security bypass and system access. Electrolink FM/DAB/TV Transmitter controlloLogin.js Credentials Disclosure Vendor: Electrolink s.r.l. Product web page:...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...
Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality
Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...
K15904: Multiple third-party application-server vulnerabilities
Security Advisory Description CVE-2003-1418 Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode number, or 2 multipart MIME boundary, which reveals child proccess IDs PID. CVE-2004-2320 The...
Embedthis Software Appweb Community Edition Denial of Service Vulnerability
Embedthis Software Appweb is a web server for embedded applications from Embedthis Software, Inc. A denial of service vulnerability exists in Embedthis Software Appweb Community Edition version 8.2.1, which originates in src/ http/http/httpLib.c, an attacker can use this vulnerability to crash th...
CVE-2021-33254
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function...
CVE-2021-33254
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function...
Design/Logic Flaw
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function...
Embedthis Software Appweb 代码问题漏洞
Embedthis Software Appweb is a web server for embedded applications from Embedthis Software, Inc. A denial of service vulnerability exists in Embedthis Software Appweb Community Edition version 8.2.1, which originates in src/ http/http/httpLib.c, an attacker can use this vulnerability to crash th...
CVE-2021-33254
CVE-2021-33254 affects EmbedThis Appweb Community Edition 8.2.1. The issue resides in src/http/httpLib.c (parseUri) and allows a denial of service via the stream parameter to parseUri, potentially crashing the server. Connected sources (NVD, Red Hat, CNVD, CNNVD, CVE listing) confirm the descript...
CVE-2021-33254
An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function...
Palo Alto Networks PAN-OS Misconfiguration Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A misconfiguration vulnerability exists in Palo Alto Networks PAN-OS. The vulnerability stems from an unreasonable file configuration, parameter configuration, etc. during the use of a...
Palo Alto Networks PAN-OS 8.0.x / 8.1.x < 8.1.16 DoS
The version of Palo Alto Networks PAN-OS running on the remote host is 8.0.x or 8.1.x prior to 8.1.16. It is, therefore, affected by a denial of service DoS vulnerability. An insecure configuration of the appweb daemon allows a remote, unauthenticated user to send a specifically crafted request t...