XikeStor SKS8310-8X 访问控制错误漏洞

The XikeStor SKS8310-8X is an Ethernet switch produced by the XikeStor company. Versions of XikeStor SKS8310-8X prior to 1.04.B07 contain a security vulnerability related to access control. This vulnerability stems from the absence of authentication at the /switchconfig.src endpoint, which may...

EUVD-2021-26272

Malware in sbrugna...

PT-2024-34364

Name of the Vulnerable Software and Affected Versions: KDE Kmail versions prior to 6.2.0 Description: The issue allows man-in-the-middle attackers to trigger the use of an attacker-controlled mail server. This is because cleartext HTTP is used for retrieving configuration from URLs such as...

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

CVE-2013-1391

Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration...

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module exploits an unauthenticated configuration retrieval .NET remoting service in Numara / BMC Track-It! v9 to v11.X, which can be abused to retrieve the Domain Administrator and the SQL server user credentials. This module has been tested successfully on versions 11.3.0.355, 10.0.51.135,...

CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending a crafted PO...

Broadcom PIPA C211 - Sensitive Information Disclosure

Broadcom PIPA C211 - Sensitive Information Disclosure Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A...

Broadcom PIPA C211 - Sensitive Information Disclosure

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending the followin...

Broadcom PIPA C211 Information Disclosure

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending the followin...

General Electric D20 Password Recovery

The General Electric D20ME and possibly other units D200? feature TFTP readable configurations with plaintext passwords. This module retrieves the username, password, and authentication level list. This module requires Metasploit: https://metasploit.com/download Current source:...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration

Exploit for cgi platform in category remote exploits =================================================================== Barracuda Networks Spam & Virus Firewall " echo "" exit; fi; curl http://$1:8000/cgi-mod/viewhelp.cgi?locale=/../../../../../../../mail/snapshot/config.snapshot%00 $1.config ls...

Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval

Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the...

lexmark-config NSE Script

Retrieves configuration information from a Lexmark S300-S400 printer. The Lexmark S302 responds to the NTPRequest version probe with its configuration. The response decodes as mDNS, so the request was modified to resemble an mDNS request as close as possible. However, the port 9100/udp is listed ...

Unauthorized D-Link DWL-2100ap wireless access points access

It's possible to retrieve configuration via Web interface with request like http://dlink-DWL-2100ap/cgi-bin/Intruders.cfg...

Symantec AntiVirus Scan Engine Web Interface Multiple Remote Vulnerabilities

The remote host appears to be running Symantec Scan Engine. This version of Scan Engine is vulnerable to several flaws that could allow a remote attacker to take control of the scan engine. The following flaws are present: - Fixed HTTPS certificate key - Configuration file retrieval with...