Lucene search
K

233 matches found

CNNVD
CNNVD
added 2021/06/07 12:0 a.m.5 views

Wireshark安全漏洞

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. An infinite loop vulnerability...

7.5CVSS7.5AI score0.01789EPSS
Exploits0References12
Zero Day Initiative
Zero Day Initiative
added 2021/05/25 12:0 a.m.39 views

Advantech BB-ESWGP506-2SFP-T Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech BB-ESWGP506-2SFP-T industrial switches. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 23 by...

9.8CVSS3.7AI score0.03612EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/01 12:0 a.m.7 views

Advantech BB-ESWGP506-2SFP-T Hardcoded Vulnerability

The Advantech BB-ESWGP506-2SFP-T is an application from CHAAdvantech that provides an intelligent electric bus management system. A hard-coded vulnerability in the Advantech BB-ESWGP506-2SFP-T allows remote attackers to exploit the vulnerability to submit a special request, gain unauthorized acce...

10CVSS7.1AI score0.03612EPSS
Exploits0References1
OSV
OSV
added 2021/02/24 5:15 p.m.9 views

CVE-2021-22667

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T versions 1.01.01 and prior...

9.8CVSS7.6AI score0.03612EPSS
Exploits0References2
NVD
NVD
added 2021/02/24 5:15 p.m.37 views

CVE-2021-22667

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T versions 1.01.01 and prior...

10CVSS0.03612EPSS
Exploits0References2
Prion
Prion
added 2021/02/24 5:15 p.m.13 views

Hardcoded credentials

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T versions 1.01.01 and prior...

10CVSS9.7AI score0.03612EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/02/24 4:1 p.m.41 views

CVE-2021-22667

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T versions 1.01.01 and prior...

9.9AI score0.03612EPSS
Exploits0References2
CVE
CVE
added 2021/02/24 4:1 p.m.60 views

CVE-2021-22667

CVE-2021-22667 affects Advantech BB-ESWGP506-2SFP-T industrial switches (versions 1.01.09 and prior). The root cause is hard-coded credentials in the device, enabling unauthorized access and arbitrary code execution. ZDI specifies exploitation via the telnet service (port 23) with a hard-coded ad...

10CVSS9.7AI score0.03612EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2021/02/23 12:0 a.m.59 views

Advantech BB-ESWGP506-2SFP-T

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: BB-ESWGP506-2SFP-T Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized...

10CVSS10AI score0.03612EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.24 views

The vulnerability of the web interface of the microprogramming software for the Advantech BB-ERT351 network router allows a hacker to disclose passwords of network services.

The vulnerability of the web interface of the Advantech BB-ERT351 network router lies in the absence of a mechanism for masking passwords when they are displayed in the web interface. Exploiting this vulnerability can allow an attacker to disclose passwords from network services such as PPTP and...

7.5CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.4 views

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to the use of a unreliable cryptographic algorithm, allows a hacker to retrieve the administrator password from the hash.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the use of a unreliable cryptographic algorithm for hashing passwords. Exploiting this vulnerability could allow an attacker, operating remotely, to retrieve the administrator’s password from the hash...

5.6CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.5 views

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to authentication errors, allows a hacker to obtain the administrator’s password.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the lack of restrictions on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to brute-force the administrator password remotely...

10CVSS7.7AI score0.01484EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.3 views

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to insufficient protection of the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using specially crafted URLs...

7.8CVSS6AI score0.00739EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.6 views

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to the default use of the HTTP protocol, allows a hacker to intercept administrator credentials and other confidential information.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability allows a malicious actor to intercept administrator credentials and oth...

10CVSS7.2AI score0.00776EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/02/10 7:15 p.m.4 views

CVE-2021-27167

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init3bbpassword in libciadaptationlayer.so...

9.8CVSS7.3AI score0.1459EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2020/10/28 12:19 p.m.5 views

bb-q.ru Cross Site Scripting vulnerability OBB-1457993

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/26 5:31 p.m.7 views

bb-lugano.ch Cross Site Scripting vulnerability OBB-1366441

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/23 4:10 p.m.8 views

bb-lugano.ch Cross Site Scripting vulnerability OBB-1359616

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2020/09/03 7:20 p.m.19 views

Malicious Package in bb-builder

All versions of bb-builder contained malicious code. The package ran an executable targeting Windows and uploaded information to a remote server. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.5AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 7:20 p.m.7 views

GHSA-VM6V-W6Q2-MRRQ Malicious Package in bb-builder

All versions of bb-builder contained malicious code. The package ran an executable targeting Windows and uploaded information to a remote server. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

9.8CVSS6.9AI score
Exploits0References1
Rows per page
Query Builder