107 matches found
CVE-2023-36850
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault ManagementCFM module of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an adjacent attacker on the local broadcast domain to cause a Denial of ServiceDoS...
CVE-2023-36848
An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon PPMD of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. When a malformed CFM packet is received, it...
CVE-2023-36850 Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet.
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault ManagementCFM module of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an adjacent attacker on the local broadcast domain to cause a Denial of ServiceDoS...
CVE-2023-36850 Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet.
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault ManagementCFM module of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an adjacent attacker on the local broadcast domain to cause a Denial of ServiceDoS...
CVE-2023-36850
CVE-2023-36850 describes an improper validation of index/position/offset in Juniper Networks Junos OS CFM that causes the MPC on MX Series to crash when malformed CFM packets are received, leading to a sustained DoS if CFM is not configured. Affected: Junos OS on MX Series (excluding MPC10, MPC11...
CVE-2023-36848 Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet
An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon PPMD of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. When a malformed CFM packet is received, it...
CVE-2023-36848 Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet
An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon PPMD of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. When a malformed CFM packet is received, it...
PT-2023-6695 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 19.1R3-S10 on MX Series Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S7 on MX Series Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S8 on MX Series Juniper Networks Junos OS 19.4...
Exploit for Classic Buffer Overflow in Tenda Ac6_Firmware
CVE-2023-38823 Buffer Overflow in formSetCfm Affected mod...
Exploit for Classic Buffer Overflow in Tenda Ac6_Firmware
Buffer Overflow in formSetCfm Affected models and firmwa...
Exploit for Classic Buffer Overflow in Tenda Ac6_Firmware
Buffer Overflow in formSetCfm Affected models and firmwa...
Lucee Authenticated Scheduled Job Code Execution Exploit
This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is...
SUSE CVE-2017-13052
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfmprint...
PT-2023-9913 · Unknown · Iamdroppy Phoenixcf
Name of the Vulnerable Software and Affected Versions: iamdroppy phoenixcf affected versions not specified Description: A critical vulnerability was found in iamdroppy phoenixcf, affecting an unknown functionality of the file content/2-Community/articles.cfm. The manipulation leads to sql...
CVE-2022-24007
A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...
CVE-2022-24007
A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...
PT-2022-16408 · Tcl · Tcl Linkhub Mesh Wi-Fi
Name of the Vulnerable Software and Affected Versions: TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14 Description: A buffer overflow issue exists in the GetValue functionality. This can be triggered by a specially-crafted configuration value, allowing an attacker to modify the configuration and cause a...
CVE-2020-15929
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file within the application's context containing attacker-defined CFML tags, leading to Remote Code Execution...
Webshell-Analyzer - Web Shell Scanner And Analyzer
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project http://github.com/tstillz/webshell-scan, which only...
CVE-2020-1639 Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM connectivity fault management process (CFM) to core.
When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance Ethernet OAM packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper...