EUVD-2014-9009

Malware in sbrugna...

EUVD-2015-8143

Malware in sbrugna...

EUVD-2008-1891

Malware in sbrugna...

EUVD-2024-48606

Malicious code in bioql PyPI...

CVE-2023-22815

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...

CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download

The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...

CVE-2023-22815

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...

Western Digital My Cloud 命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5 prior to version 5.26.119, which stems from a command injection vulnerability that could allow an attacker to execute code against vulnerable CGI file...

PT-2023-3459 · Western Digital · Western Digital My Cloud Os 5

Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud OS 5 versions prior to 5.26.300 Description: The issue is related to a post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices. This could allow an attacker to execute code ...

CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

CVE-2013-2572

A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files...

CVE-2013-2572

CVE-2013-2572 / CVE-2013-2573 affect TP-Link IP cameras based on firmware v1.6.18P12 and earlier (TL-SC 3130, TL-SC 3130G, TL-SC 3171G, TL-SC 4171G). Root cause: hard-coded credentials in the administrative web interface (Boa http server) enabling bypass of authentication and, for CVE-2013-2573, ...

Webmin 1.900 Upload Execution

Webmin 1.900 allows authenticated users with “Upload and Download” module access to upload cgi files to a webroot subdirectory and the uploaded files can be executed by sending requests to the web server. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details Webmin 1.900...

ZTE ZXDSL 831CII - Improper Access Restrictions Vulnerability

Exploit for hardware platform in category web applications Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================...

ZTE ZXDSL 831CII Access Bypass Vulnerability

ZTE ZXDSL 831CII devices are prone to an access bypass vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

ZTE ZXDSL 831CII - Improper Access Restrictions

ZTE ZXDSL 831CII - Improper Access Restrictions Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953...

ZTE ZXDSL 831 Unauthorized Configuration Access Bypass

Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================= The Router usually servers html files &...

ZTE ZXDSL 831CII - Improper Access Restrictions

Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access Date: 27/11/2017 Exploit Author: Ibad Shah Vendor Homepage: zte.com.cn Software Link: - Version: - ZXDSL - 831CII Tested on: Windows 10 CVE :- 2017-16953 ======================================= The Router usually servers html files &...

Halliburton LogView Pro 9.7.5 Crash

Exploit Title: Haliburton LogView Pro v9.7.5 Exploit Author: Karn Ganeshen Download link: http://www.halliburton.com/public/lp/contents/InteractiveTools/web/Toolkits/lp/HalliburtonLogViewer.exe Version: Current version 9.7.5 Tested on: Windows Vista Ultimate SP2 Open cgm/tif/tiff/tifh file -...

3 6 0 secure routing P1 there is an unauthorized access vulnerability that can be read password-vulnerability warning-the black bar safety net

javascript/router/wanconfigshow. cgi, javascript/router/wanconfigset. cgi, javascript/router/logget. cgi and a cgi does not require login to access, wherein javascript/router/wanconfigshow. cgi via the post can directly access Internet setup information, including the ppoe username and password,...