70 matches found
CVE-2024-40728
NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...
NetBox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...
CVE-2024-3684 Improper Privilege Management was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console
A server side request forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin access to the appliance when configuring the Artifacts & Logs and Migrations Storage. Exploitation of this vulnerability...
CVE-2023-1548
A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert V15.1 and above...
CVE-2023-1548
A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert V15.1 and above...
Cyclades Serial Console Server 3.3.0 Privilege Escalation Vulnerability
Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to V3.3.0-16 Tested on:...
Remote Command Execution Vulnerability in the Console of Chianxin Tianrong Terminal Security Management System
Chianxin Tianrong Terminal Security Management System is an integrated terminal security product solution for government and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, is...
Zilab Remote Console Server 3.2.9 - zrcs Unquoted Service Path
Zilab Remote Console Server 3.2.9 - zrcs Unquoted Service Path Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software:...
Zilab Remote Console Server 3.2.9 - (zrcs) Unquoted Service Path Vulnerability
Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on Windows 10 CVE : N/...
Zilab Remote Console Server 3.2.9 zrcs Unquoted Service Path
Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on...
Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on...
Opengear console server cross-site scripting vulnerability
Opengear console server is a console server from Opengear USA. It is capable of managing network, server, and power infrastructures with monitoring, troubleshooting, and remediation features. A cross-site scripting vulnerability exists in the Opengear console server using firmware versions prior ...
CVE-2019-14456
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...
Cross site scripting
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...
CVE-2019-14456
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...
CVE-2019-14456
CVE-2019-14456 affects Opengear console server firmware releases prior to 4.5.0. The vulnerability is a stored XSS in the serial-port logging path: crafted text sent to a serial port with logging enabled can be replayed when logs are viewed. Exploitation requires access to the serial port/console...
Monitoring Windows Console Activity (Part 1)
Introduction While performing incident response, Mandiant encounters attackers actively using systems on a compromised network. This activity often includes using interactive console programs via RDP such as the command prompt, PowerShell, and sometimes custom command and control C2 console tools...
Emerson Avocent® ACS 6000 Advanced Console Server 弱口令
No description provided by source...
Avira Management Console Server HTTP Header Processing Heap Buffer Overflow
A heap buffer overflow vulnerability has been reported in Avira Management Console Server. The vulnerability exists in the way Update Manager Service handles overly long HTTP headers. A remote unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the server...
Cross site scripting
Cross-site scripting XSS vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection SCSP 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x through 6.0 MP1 allows remote authenticated users ...