Lucene search
K

60 matches found

Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.58 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.19 / 9.0.x < 9.0.13 / 9.1.x < 9.1.4 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.19 or 9.0.x prior to 9.0.13 or 9.1.x prior to 9.1.4. It is, therefore, affected by a vulnerability. - An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where...

2.3CVSS5AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2021/03/13 2:15 a.m.4 views

CVE-2021-20018

A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier...

4.9CVSS6.1AI score0.00673EPSS
Exploits0References1
SonicWall
SonicWall
added 2021/03/13 1:19 a.m.9 views

SonicWall SMA100 post-authentication configuration export to the a specified email address

A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier. CVE: CVE-2021-20018 Last updated: March 13, 2021, 1:19 a.m...

6.1CVSS6.8AI score0.00673EPSS
Exploits0
Citrix
Citrix
added 2020/01/13 12:0 a.m.5 views

Unable to Export the new configuration from the SD-WAN Center to the Change Management Inbox

Unable to Export the new configuration from the SD-WAN Center to the Change Management Inbox of MCN and displayed with following error message: UnderSDWANCENTERmanagement.log , the following error message can be seen as shown in the below log snippet: Log Snippet: ========== 00000:097:509:112 INF...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/03 12:0 a.m.235 views

Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/03/27 12:0 a.m.241 views

Cisco RV320 Unauthenticated Configuration Export Vulnerability

The configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor. Cisco RV320 Unauthenticated Configuration Export Vulnerability Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly...

5CVSS0.6AI score0.99876EPSS
Exploits19
Packet Storm
Packet Storm
added 2019/03/27 12:0 a.m.122 views

Cisco RV320 Unauthenticated Configuration Export

Advisory: Cisco RV320 Unauthenticated Configuration Export RedTeam Pentesting discovered that the configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor. Details ======= Product: Cisco RV320 Dual...

5CVSS0.5AI score0.99876EPSS
Exploits19
Prion
Prion
added 2017/06/21 7:29 p.m.16 views

Improper access control

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive...

6CVSS6.6AI score0.06653EPSS
Exploits2References2
NVD
NVD
added 2017/06/21 7:29 p.m.19 views

CVE-2017-7918

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive...

6.8CVSS6.7AI score0.06653EPSS
Exploits2References2
OSV
OSV
added 2016/10/03 6:59 p.m.8 views

CVE-2016-7572

The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for "Export configuration" permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors...

4.3CVSS4.2AI score
Exploits0References3
NVD
NVD
added 2016/10/03 6:59 p.m.17 views

CVE-2016-7572

The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for "Export configuration" permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors...

4.3CVSS4.4AI score0.01716EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2016/10/03 6:59 p.m.2 views

CVE-2016-7572

The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for "Export configuration" permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors...

4.3CVSS5.6AI score0.01716EPSS
Exploits0References4
0day.today
0day.today
added 2016/03/21 12:0 a.m.51 views

D-Link DWR-932 Firmware 4.00 - Authentication Bypass

Exploit for hardware platform in category web applications D-Link DWR-932 Firmware = V4.00 Authentication Bypass - Password Disclosure Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: D-Link DWR-932 Tested Version: Firmware V4.00EUb03 Vendor: D-Link http://www.dlink.com/ Product UR...

7.1AI score
Exploits0
Prion
Prion
added 2015/08/19 3:59 p.m.11 views

Design/Logic Flaw

The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968...

6.8CVSS6.3AI score0.01647EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/08/19 3:0 p.m.18 views

CVE-2015-4308

The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968...

5.8AI score0.01647EPSS
Exploits0References3
0day.today
0day.today
added 2015/01/15 12:0 a.m.54 views

Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection Vulnerability

Sierra Wireless produces a mobile wi-fi hotspot device that is popular amongst telecommunication companies for re-branding to suit local markets. The AirCard 760S/762S/763S Web-based Administrative Console suffers from a HTTP header injection that allows an attacker to inject a file into the HTTP...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/01/14 12:0 a.m.37 views

Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection

Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection Overview Sierra Wireless produces a mobile wi-fi hotspot device that is popular amongst telecommunication companies for re-branding to suit local markets. The AirCard 760S/762S/763S Web-based Administrative Console suffers from ...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2011/05/12 12:0 a.m.55 views

Multiple ZyWALL USG Products Remote Security Bypass Vulnerability - Active Check

Multiple ZyWALL USG products are prone to a security bypass vulnerability. Note: Reportedly, the firmware is also prone to a weakness that allows password-protected upgrade files to be decrypted with a known plaintext attack. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might ...

7.4AI score
Exploits0References2
securityvulns
securityvulns
added 2011/05/05 12:0 a.m.76 views

[RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances

Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/04 12:0 a.m.54 views

ZyWALL USG Appliance Arbitrary File Read / Write

Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...

0.8AI score
Exploits0
Rows per page
Query Builder