Lucene search
+L

121 matches found

Vulnrichment
Vulnrichment
added 2024/04/10 12:0 a.m.14 views

CVE-2024-28344

An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encoded URL...

6.8AI score0.00463EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/10 12:0 a.m.20 views

CVE-2024-28344

An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encoded URL...

6.7AI score0.00463EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.7 views

Sipwise C5 NGCP Dashboard 安全漏洞

Sipwise C5 NGCP Dashboard is a management interface from Sipwise that is used to manage and monitor various features and services of the Sipwise C5 Next Generation Communication Platform NGCP. A security vulnerability exists in Sipwise C5 NGCP Dashboard versions prior to mr11.5.1, which stems fro...

5.5CVSS6.3AI score0.00463EPSS
Exploits2References2
CVE
CVE
added 2024/04/10 12:0 a.m.55 views

CVE-2024-28344

CVE-2024-28344: Open Redirect vulnerability in Sipwise C5 NGCP Dashboard before mr11.5.1. The issue allows an attacker to manipulate the back parameter via a double-encoded URL. Impact is low in CVSS terms per provided metrics, and exploitation would require user interaction. Remediation: update ...

3.1CVSS6.7AI score0.00463EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/10 12:0 a.m.9 views

CVE-2024-28345

An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL...

6.7AI score0.00463EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.4 views

Sipwise C5 NGCP Dashboard 安全漏洞

Sipwise C5 NGCP Dashboard is a management interface from Sipwise that is used to manage and monitor various features and services of the Sipwise C5 Next Generation Communication Platform NGCP. A security vulnerability exists in Sipwise C5 NGCP Dashboard versions prior to mr11.5.1, which stems fro...

5.5CVSS6.3AI score0.00463EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/04/10 12:0 a.m.19 views

CVE-2024-28345

An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL...

6.6AI score0.00463EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.8 views

PT-2024-22399 · Sipwise · Sipwise C5 Ngcp Dashboard

Name of the Vulnerable Software and Affected Versions: Sipwise C5 NGCP Dashboard versions prior to mr11.5.1 Description: An issue in Sipwise C5 NGCP Dashboard allows a low-privileged user to access the "Journal endpoint" by directly visiting the URL. Recommendations: For versions prior to mr11.5....

5.5CVSS6.3AI score0.00463EPSS
Exploits2References5
CVE
CVE
added 2024/04/10 12:0 a.m.48 views

CVE-2024-28345

Sipwise C5 NGCP Dashboard (versions prior to mr11.5.1) is affected by CVE-2024-28345, where a low-privileged user can access the Journal endpoint by directly visiting its URL. The vulnerability reference across sources indicates insufficient access control/endpoint exposure that allows direct URL...

5.5CVSS6.6AI score0.00463EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.11 views

PT-2024-22398 · Sipwise · Sipwise C5 Ngcp Dashboard

Name of the Vulnerable Software and Affected Versions: Sipwise C5 NGCP Dashboard versions prior to mr11.5.1 Description: An Open Redirect issue was found, allowing attackers to control the back parameter in the URL through a double encoded URL. This enables attackers to redirect users to unintend...

5.5CVSS6.2AI score0.00463EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2024/02/13 12:0 a.m.21 views

QNAP QuTScloud Multiple OS Command Injection Vulnerabilities (QSA-23-57) - Version Check

QNAP QuTScloud is prone to multiple OS command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.3CVSS7.3AI score0.8992EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2023/10/17 12:0 a.m.17 views

QNAP QuTScloud Multiple Vulnerabilities (QSA-23-41, QSA-23-42)

QNAP QuTScloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutscloud"; ifdescripti...

7.5CVSS7.2AI score0.0061EPSS
Exploits0References2
NVD
NVD
added 2023/09/06 10:15 a.m.18 views

CVE-2023-39224

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...

8CVSS8AI score0.0035EPSS
Exploits0References2
OSV
OSV
added 2023/09/06 10:15 a.m.4 views

CVE-2023-39224

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...

8CVSS6AI score0.0035EPSS
Exploits0References2
Prion
Prion
added 2023/09/06 10:15 a.m.18 views

Design/Logic Flaw

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...

5.2CVSS8AI score0.0035EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/06 9:22 a.m.13 views

CVE-2023-39224

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...

7.4AI score0.0035EPSS
Exploits0References2
CVE
CVE
added 2023/09/06 9:22 a.m.60 views

CVE-2023-39224

CVE-2023-39224 affects TP-LINK Archer C5 (all versions) and Archer C7 (JP) versions prior to Archer C7(JP)_V2_230602. A network-adjacent authenticated attacker can execute arbitrary OS commands due to a vulnerable component/flow. Remediation: upgrade Archer C7(JP) to V2 230602 or later; no offici...

8CVSS7.9AI score0.0035EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/06 9:22 a.m.19 views

CVE-2023-39224

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...

8.2AI score0.0035EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.8 views

PT-2023-26841 · Tp Link · Archer C5 +1

Name of the Vulnerable Software and Affected Versions: Archer C5 versions all Archer C7 versions prior to Archer C7JP V2 230602 Description: The issue allows a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, and therefore, the...

8CVSS7.9AI score0.0035EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.7 views

The vulnerability in the httpd-demon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to buffer overflows during packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...

9CVSS8.7AI score0.01781EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder