43 matches found
EUVD-2015-8143
Malware in sbrugna...
EUVD-2008-1891
Malware in sbrugna...
EUVD-2014-9009
Malware in sbrugna...
EUVD-2024-48606
Malicious code in bioql PyPI...
CVE-2023-22815
Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...
CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...
CVE-2023-22815
Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...
Western Digital My Cloud 命令注入漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5 prior to version 5.26.119, which stems from a command injection vulnerability that could allow an attacker to execute code against vulnerable CGI file...
PT-2023-3459 · Western Digital · Western Digital My Cloud Os 5
Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud OS 5 versions prior to 5.26.300 Description: The issue is related to a post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices. This could allow an attacker to execute code ...
CVE-2021-45428
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats...
CVE-2020-13977
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files...
CVE-2013-2572
CVE-2013-2572 / CVE-2013-2573 affect TP-Link IP cameras based on firmware v1.6.18P12 and earlier (TL-SC 3130, TL-SC 3130G, TL-SC 3171G, TL-SC 4171G). Root cause: hard-coded credentials in the administrative web interface (Boa http server) enabling bypass of authentication and, for CVE-2013-2573, ...
Webmin 1.900 Upload Execution
Webmin 1.900 allows authenticated users with “Upload and Download” module access to upload cgi files to a webroot subdirectory and the uploaded files can be executed by sending requests to the web server. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details Webmin 1.900...
ZTE ZXDSL 831CII - Improper Access Restrictions Vulnerability
Exploit for hardware platform in category web applications Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================...
ZTE ZXDSL 831CII Access Bypass Vulnerability (Nov 2017) - Active Check
ZTE ZXDSL 831CII devices are prone to an access bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ZTE ZXDSL 831 Unauthorized Configuration Access Bypass
Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================= The Router usually servers html files &...
ZTE ZXDSL 831CII - Improper Access Restrictions
Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================= The Router usually servers html files &...
ZTE ZXDSL 831CII - Improper Access Restrictions
ZTE ZXDSL 831CII - Improper Access Restrictions Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953...
Halliburton LogView Pro 9.7.5 Crash
Exploit Title: Haliburton LogView Pro v9.7.5 Exploit Author: Karn Ganeshen Download link: http://www.halliburton.com/public/lp/contents/InteractiveTools/web/Toolkits/lp/HalliburtonLogViewer.exe Version: Current version 9.7.5 Tested on: Windows Vista Ultimate SP2 Open cgm/tif/tiff/tifh file -...