Lucene search
K

9795 matches found

VulnCheck KEV
VulnCheck KEV
added 2020/07/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-2578

cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the ServerName parameter and 2 other unspecified...

10CVSS6.1AI score0.73713EPSS
Exploits7References1
NVD
NVD
added 2020/07/01 9:15 p.m.13 views

CVE-2020-15490

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. The set of affected scripts is similar to CVE-2020-12266...

10CVSS0.0373EPSS
Exploits0References1
OSV
OSV
added 2020/07/01 9:15 p.m.5 views

CVE-2020-15489

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges...

9.8CVSS7.8AI score0.03699EPSS
Exploits0References1
OSV
OSV
added 2020/07/01 9:15 p.m.4 views

CVE-2020-15490

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. The set of affected scripts is similar to CVE-2020-12266...

9.8CVSS7.9AI score0.0373EPSS
Exploits0References1
Prion
Prion
added 2020/07/01 9:15 p.m.17 views

Buffer overflow

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. The set of affected scripts is similar to CVE-2020-12266...

10CVSS8.3AI score0.0373EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/07/01 9:15 p.m.16 views

Design/Logic Flaw

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges...

10CVSS9.9AI score0.03699EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/01 8:53 p.m.13 views

CVE-2020-15489

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges...

10AI score0.03699EPSS
Exploits0References1
CVE
CVE
added 2020/07/01 8:51 p.m.54 views

CVE-2020-15490

CVE-2020-15490 affects Wavlink WL-WN530HG4 (M30HG4.V5030.191116) via multiple CGI script buffer overflow vulnerabilities that allow remote code execution with root privileges. The related Red Hat CVE-2020-12266 description confirms externally accessible, unauthenticated pages exposing extensive d...

10CVSS8.3AI score0.0373EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/06/30 1:37 p.m.8 views

CVE-2020-15415

On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472...

9.7AI score0.84599EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/06/26 12:0 a.m.42 views

Mailman < 2.1.33 Content Injection Vulnerability

Mailman is prone to a content injection vulnerability via the cgi/private.py private archive login page. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

4.3CVSS5.9AI score0.01888EPSS
Exploits0References1
CVE
CVE
added 2020/06/24 11:34 a.m.298 views

CVE-2020-15011

CVE-2020-15011 affects GNU Mailman prior to 2.1.33. The vulnerability allows arbitrary content injection via the Cgi/private.py private archive login page. Affected product: GNU Mailman 2.1.x (before 2.1.33). Impact described in sources as arbitrary content injection, with other related CVEs ofte...

4.3CVSS5.6AI score0.01888EPSS
Exploits0References7Affected Software1
0day.today
0day.today
added 2020/06/16 12:0 a.m.213 views

Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

10CVSS9.2AI score0.84558EPSS
Exploits9
OSV
OSV
added 2020/06/09 2:15 p.m.22 views

CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

4.9CVSS6.8AI score
Exploits0References6
OSV
OSV
added 2020/06/09 2:15 p.m.1 views

DEBIAN-CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

4.9CVSS6.2AI score0.02726EPSS
Exploits1References1
CVE
CVE
added 2020/06/09 1:6 p.m.189 views

CVE-2020-13977

Mode C: Nagios 4.4.5 is affected by CVE-2020-13977. An attacker with existing administrative access can modify the ArchiveJSON/StatusJSON/CGI logic by crafting archivejson.cgi, objectjson.cgi, and statusjson.cgi, enabling changes to the Alert Histogram and Trends code. Mageia advisory MGASA-2021-...

4.9CVSS6.6AI score0.02726EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/06/09 1:6 p.m.36 views

CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

6.7AI score0.02726EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2020/06/09 1:6 p.m.39 views

CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

4.9CVSS6.1AI score0.02726EPSS
Exploits1
Packet Storm
Packet Storm
added 2020/06/04 12:0 a.m.193 views

Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read / Write

Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web page: http://www.securecomputing.com Affected version: 3.1.5u1 Summary: The SG gateway appliance range provides Internet security and privacy of communications for small...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.411 views

Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read

Title: Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Author:LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2020/05/29 3:20 p.m.58 views

LinuxKI Toolset 6.01 Remote Command Execution

This module exploits a vulnerability in LinuxKI Toolset 'LinuxKI Toolset 6.01 Remote Command Execution', 'Description' = %q This module exploits a vulnerability in LinuxKI Toolset MSFLICENSE, 'Author' = 'Cody Winkler', discovery and poc 'numan türle' msf exploit , 'References' = 'EDB', '48483',...

9.8CVSS0.3AI score0.98846EPSS
Exploits10
Rows per page
Query Builder