Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7359

Malware in sbrugna...

5.3CVSS5.8AI score0.01705EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.4 views

PT-2023-8254 · Poly · Edge E220 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX...

6.5CVSS7.3AI score0.00463EPSS
Exploits1References14
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.3 views

Poly Trio Security Breach

Poly Trio is a Trio series of business conference phones from Poly USA. A security vulnerability exists in Poly CCX and Trio that stems from a password change vulnerability in the parameter device.auth.localAdminPassword of the Configuration File Import component. Affected products and versions:...

6.5CVSS7AI score0.00463EPSS
Exploits1References8
OSV
OSV
added 2021/03/11 9:15 p.m.5 views

CVE-2021-22709

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF Configuration Group File fil...

7.8CVSS6.4AI score0.02EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/05/22 12:0 a.m.40 views

Eaton Intelligent Power Manager (IPM) < 1.68 Multiple Vulnerabilities

Eaton Intelligent Power Manager IPM v1.67 and prior contain multiple vulnerabilities: - Improper Input Validation on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the...

8.8CVSS7.9AI score0.02147EPSS
Exploits0References3
Prion
Prion
added 2020/05/07 4:15 p.m.18 views

Command injection

Improper Input Validation in Eaton's Intelligent Power Manager IPM v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application...

6CVSS7.6AI score0.02147EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/12/11 5:29 p.m.3 views

CVE-2017-15943

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery SSRF attacks and consequentl...

5.3CVSS5.8AI score0.01705EPSS
Exploits0References3
Prion
Prion
added 2017/12/11 5:29 p.m.23 views

Server side request forgery (ssrf)

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery SSRF attacks and consequentl...

5CVSS5.2AI score0.01705EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/12/11 5:29 p.m.27 views

CVE-2017-15943

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery SSRF attacks and consequentl...

5.3CVSS5.2AI score0.01705EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/12/11 5:0 p.m.24 views

CVE-2017-15943

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery SSRF attacks and consequentl...

7.1AI score0.01705EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2017/12/06 12:5 a.m.6 views

Server-Side Request Forgery in PAN-OS

A vulnerability exists in the PAN-OS web interface in the configuration file import for applications, spyware and vulnerability objects. Exploitation of this vulnerability allows for the parsing of external entities and could lead a PAN-OS device to connect to and disclose limited information to...

5.3CVSS6.9AI score0.01705EPSS
Exploits0References1
NVD
NVD
added 2015/01/09 6:59 p.m.14 views

CVE-2014-9510

Cross-site request forgery CSRF vulnerability in the administration console in TP-Link TL-WR840N V1 router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import...

6.8CVSS7.2AI score0.00984EPSS
Exploits0References4
Prion
Prion
added 2015/01/09 6:59 p.m.11 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the administration console in TP-Link TL-WR840N V1 router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import...

6.8CVSS7.7AI score0.00984EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/01/09 6:0 p.m.20 views

CVE-2014-9510

Cross-site request forgery CSRF vulnerability in the administration console in TP-Link TL-WR840N V1 router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import...

7.2AI score0.00984EPSS
Exploits0References4
Rows per page
Query Builder