CVE-2023-54344

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

CVE-2023-54344

The vulnerability CVE-2023-54344 affects Eclipse Equinox OSGi 3.7.2 and earlier. The issue resides in the OSGi console interface, where an unauthenticated attacker can send payloads to the console port—specifically base64-encoded bash commands wrapped in fork directives—to achieve remote code exe...

EUVD-2017-3812

Malware in sbrugna...

EUVD-2024-38038

Malicious code in bioql PyPI...

kernel: serial: core: fix transmit-buffer reset and memleak

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 "tty: serialcore: convert uartclose to use ttyportclose" converted serial core to use ttyportclose but failed to notice that the transmit buffer still needs ...

CVE-2024-39512

An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account. When the console cable is disconnected, the logged in user is not logged out. This allows a...

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

CVE-2023-49228

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

CVE-2023-49228

An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...

Peplink Balance Security Breach

Peplink Balance is a router from Peplink. A security vulnerability exists in Peplink Balance Two versions prior to 8.4.0, which stems from the use of hard-coded credentials for Console port authentication, allowing an attacker to execute arbitrary commands as root...

PT-2023-31121 · Peplink · Peplink Balance Two

Name of the Vulnerable Software and Affected Versions: Peplink Balance Two versions prior to 8.4.0 Description: An issue was discovered in Peplink Balance Two where console port authentication uses hard-coded credentials. This allows an attacker with physical access and sufficient knowledge to...

Authentication flaw

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...

CVE-2023-20012

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...

CVE-2021-1371

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs...

CVE-2021-1371

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs...

CVE-2021-1371 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs...

PT-2021-2449 · Cisco · Cisco Ios Xe Sd-Wan +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE SD-WAN Software affected versions not specified Description: A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain...

CVE-2020-1618

On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command...

Authentication flaw

On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command...

CVE-2019-0069

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...