Lucene search
K

10 matches found

NVD
NVD
added 2020/12/23 4:15 p.m.28 views

CVE-2020-29552

An issue was discovered in URVE Build 24.03.2020. By using the internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root...

10CVSS9.6AI score0.04818EPSS
Exploits2References4
NVD
NVD
added 2020/12/23 4:15 p.m.38 views

CVE-2020-29551

An issue was discovered in URVE Build 24.03.2020. Using the internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: internal/pc/abort.php, internal/pc/restart.php, internal/pc/vpro.php, internal/pc/wake.php,...

9.1CVSS9.2AI score0.02834EPSS
Exploits2References4
Prion
Prion
added 2020/12/23 4:15 p.m.22 views

Design/Logic Flaw

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account used for the connection of the MS Office 365 Integration Service is stored in cleartext in configuration files as well as in the database. The following files contain the password in cleartext:...

5CVSS7.6AI score0.01421EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2020/12/23 4:15 p.m.23 views

Command injection

An issue was discovered in URVE Build 24.03.2020. By using the internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root...

10CVSS9.5AI score0.04818EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2020/12/23 4:15 p.m.11 views

Design/Logic Flaw

An issue was discovered in URVE Build 24.03.2020. Using the internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: internal/pc/abort.php, internal/pc/restart.php, internal/pc/vpro.php, internal/pc/wake.php,...

8.5CVSS9AI score0.02834EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2020/12/23 3:40 p.m.45 views

CVE-2020-29551

An issue was discovered in URVE Build 24.03.2020. Using the internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: internal/pc/abort.php, internal/pc/restart.php, internal/pc/vpro.php, internal/pc/wake.php,...

9.2AI score0.02834EPSS
Exploits2References4
Cvelist
Cvelist
added 2020/12/23 3:12 p.m.38 views

CVE-2020-29552

An issue was discovered in URVE Build 24.03.2020. By using the internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root...

9.6AI score0.04818EPSS
Exploits2References4
Cvelist
Cvelist
added 2020/12/23 3:6 p.m.62 views

CVE-2020-29550

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account used for the connection of the MS Office 365 Integration Service is stored in cleartext in configuration files as well as in the database. The following files contain the password in cleartext:...

7.6AI score0.01421EPSS
Exploits2References4
CNNVD
CNNVD
added 2020/12/23 12:0 a.m.6 views

Urve Operating System Command Injection Vulnerability

Urve is a device for booking meeting rooms/rooms from Urve UK. The appliance supports integration with MS Exchange, Lotus, Office 365, Google Calendar and other systems to support meeting room and guest room reservations. Urve Build 24.03.2020 suffers from an operating system command injection...

10CVSS7.4AI score0.04818EPSS
Exploits2References6
CNNVD
CNNVD
added 2020/12/23 12:0 a.m.6 views

Urve Access Control Error Vulnerability

Urve is a device for booking meeting rooms/rooms from Urve UK. The device supports integration with MS Exchange, Lotus, Office 365, Google Calendar and other systems to support meeting room and guest room reservations. An Access Control Error vulnerability exists in URVE Build 24.03.2020, which...

9.1CVSS7.2AI score0.02834EPSS
Exploits2References6
Rows per page
Query Builder