Lucene search
K

9792 matches found

OSV
OSV
added 2022/01/28 8:15 p.m.3 views

CVE-2021-40413

An incorrect default permission vulnerability exists in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be...

7.1CVSS5.8AI score0.0082EPSS
Exploits1References1
OSV
OSV
added 2022/01/28 8:15 p.m.5 views

CVE-2021-40414

An incorrect default permission vulnerability exists in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the...

7.1CVSS7.1AI score0.00807EPSS
Exploits1References1
Prion
Prion
added 2022/01/28 8:15 p.m.20 views

Cross site request forgery (csrf)

A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to prevent users from logging in. An attacker can send an HTTP request to trigger this vulnerability...

7.8CVSS7.4AI score0.01534EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/28 7:10 p.m.25 views

CVE-2021-40414

An incorrect default permission vulnerability exists in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the...

7.1CVSS7.4AI score0.00807EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/01/28 12:0 a.m.4 views

PT-2022-12089 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The GetImage par...

8.6CVSS7.9AI score0.01207EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/01/28 12:0 a.m.7 views

PT-2022-12069 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The SetLocalLink...

8.6CVSS7.8AI score0.01145EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/01/28 12:0 a.m.4 views

PT-2022-12065 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. A specially-crafted HTTP request can lead to a reboot. The SetNetPort param is not an object,...

8.6CVSS7.9AI score0.01145EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2016-0262)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.55724EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2017-0146)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.3AI score0.55724EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2016-0159)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.37 views

Mageia: Security Advisory (MGASA-2018-0222)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.10564EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2021-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.02276EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2018-0149)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.17716EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2014-0488)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2014-0098)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.01884EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2017-0203)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.02228EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.49 views

Mageia: Security Advisory (MGASA-2015-0365)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.46801EPSS
Exploits7References5
Talos
Talos
added 2022/01/26 12:0 a.m.68 views

Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities

Summary Multiple incorrect default permissions vulnerabilities exist in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Teste...

7.1CVSS7AI score0.0082EPSS
Exploits2
Talos
Talos
added 2022/01/26 12:0 a.m.57 views

Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability

Summary A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of HTTP requests can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested...

7.8CVSS7.6AI score0.01339EPSS
Exploits1
0day.today
0day.today
added 2022/01/25 12:0 a.m.357 views

Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root. This module requires Metasploi...

9.8CVSS10AI score0.83926EPSS
Exploits8
Rows per page
Query Builder