43 matches found
EUVD-2020-24724
Malware in sbrugna...
EUVD-2017-15838
Malware in sbrugna...
EUVD-2021-6880
Malicious code in bioql PyPI...
EUVD-2023-24186
Malicious code in bioql PyPI...
EUVD-2021-6882
Malicious code in bioql PyPI...
CVE-2024-20416
A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers allows a hacker to execute arbitrary code.
The vulnerability of the web interface for managing microprogrammed software routers of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers is related to insufficient verification of data entered by users. Exploiting this vulnerability allows a malicious actor to...
VulnCheck KEV: CVE-2020-3451
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system OS as a restricted user. For more...
CVE-2024-20381 Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator NSO and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the...
CVE-2024-20416
A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...
CVE-2023-20073
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN lies in the insufficient verification of input data. This allows a malicious actor to execute arbitrary code or trigger a service failure.
The vulnerability in the web interface for managing microprogrammed software routers of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a...
CVE-2023-20007
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly,...
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...
Metasploit Weekly Wrap-Up
Spring4Shell module Community contributor vleminator added a new module which exploits CVE-2022-22965—more commonly known as "Spring4Shell." Depending on its deployment configuration, Java Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older can be vulnerable to unauthenticated...
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...
CVE-2022-20799
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...
CVE-2022-20753
A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit...