8 matches found
Western Digital MyCloud PR4100 CGI API Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of the Western Digital MyCloud PR4100 NAS device. Authentication is required to exploit this vulnerability. The specific flaw exists within the CGI API. The issue results from the lack of prop...
Western Digital My Cloud NAS Elevation of Privilege Vulnerability
Western Digital My Cloud is a personal cloud storage device from Western Digital. An elevation of privilege vulnerability exists in Western Digital My Cloud NAS versions prior to 5.04.114, which stems from a remote code execution vulnerability in cgi api.php that allows privilege escalation. No...
[CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI
Embedded Web interface version 2.4.10.3 and older of Foscam FI8910W, FI8908W and many others is vulnerable to CSRF attacks. This allows attacker to perform calls to any CGI API using cached basic server authentication data stored in victims browser. Details: For example, the following URL request...
Foscam Cross Site Request Forgery
Embedded Web interface version 2.4.10.3 and older of Foscam FI8910W, FI8908W and many others is vulnerable to CSRF attacks. This allows attacker to perform calls to any CGI API using cached basic server authentication data stored in victims browser. Details: For example, the following URL request...
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities
Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...
Freeside SelfService CGI|API 2.3.3 Cross Site Scripting / SQL Injection
Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities
Document Title: =============== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=614 Release Date: ============= 2012-06-13 Vulnerability Laboratory ID VL-ID: ==================================...
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities
Document Title: =============== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=614 Release Date: ============= 2012-06-13 Vulnerability Laboratory ID VL-ID: ==================================...