121 matches found
CVE-2024-28344
An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encoded URL...
CVE-2024-28344
An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encoded URL...
Sipwise C5 NGCP Dashboard 安全漏洞
Sipwise C5 NGCP Dashboard is a management interface from Sipwise that is used to manage and monitor various features and services of the Sipwise C5 Next Generation Communication Platform NGCP. A security vulnerability exists in Sipwise C5 NGCP Dashboard versions prior to mr11.5.1, which stems fro...
CVE-2024-28344
CVE-2024-28344: Open Redirect vulnerability in Sipwise C5 NGCP Dashboard before mr11.5.1. The issue allows an attacker to manipulate the back parameter via a double-encoded URL. Impact is low in CVSS terms per provided metrics, and exploitation would require user interaction. Remediation: update ...
CVE-2024-28345
An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL...
Sipwise C5 NGCP Dashboard 安全漏洞
Sipwise C5 NGCP Dashboard is a management interface from Sipwise that is used to manage and monitor various features and services of the Sipwise C5 Next Generation Communication Platform NGCP. A security vulnerability exists in Sipwise C5 NGCP Dashboard versions prior to mr11.5.1, which stems fro...
CVE-2024-28345
An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL...
PT-2024-22399 · Sipwise · Sipwise C5 Ngcp Dashboard
Name of the Vulnerable Software and Affected Versions: Sipwise C5 NGCP Dashboard versions prior to mr11.5.1 Description: An issue in Sipwise C5 NGCP Dashboard allows a low-privileged user to access the "Journal endpoint" by directly visiting the URL. Recommendations: For versions prior to mr11.5....
CVE-2024-28345
Sipwise C5 NGCP Dashboard (versions prior to mr11.5.1) is affected by CVE-2024-28345, where a low-privileged user can access the Journal endpoint by directly visiting its URL. The vulnerability reference across sources indicates insufficient access control/endpoint exposure that allows direct URL...
PT-2024-22398 · Sipwise · Sipwise C5 Ngcp Dashboard
Name of the Vulnerable Software and Affected Versions: Sipwise C5 NGCP Dashboard versions prior to mr11.5.1 Description: An Open Redirect issue was found, allowing attackers to control the back parameter in the URL through a double encoded URL. This enables attackers to redirect users to unintend...
QNAP QuTScloud Multiple OS Command Injection Vulnerabilities (QSA-23-57) - Version Check
QNAP QuTScloud is prone to multiple OS command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
QNAP QuTScloud Multiple Vulnerabilities (QSA-23-41, QSA-23-42)
QNAP QuTScloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutscloud"; ifdescripti...
CVE-2023-39224
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...
CVE-2023-39224
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...
Design/Logic Flaw
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...
CVE-2023-39224
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...
CVE-2023-39224
CVE-2023-39224 affects TP-LINK Archer C5 (all versions) and Archer C7 (JP) versions prior to Archer C7(JP)_V2_230602. A network-adjacent authenticated attacker can execute arbitrary OS commands due to a vulnerable component/flow. Remediation: upgrade Archer C7(JP) to V2 230602 or later; no offici...
CVE-2023-39224
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7JPV2230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided...
PT-2023-26841 · Tp Link · Archer C5 +1
Name of the Vulnerable Software and Affected Versions: Archer C5 versions all Archer C7 versions prior to Archer C7JP V2 230602 Description: The issue allows a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, and therefore, the...
The vulnerability in the httpd-demon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to buffer overflows during packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...