Lucene search
K

21 matches found

ICS
ICS
added 2022/03/01 12:0 p.m.99 views

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...

10CVSS9.9AI score0.99999EPSS
Exploits449References104
The Hacker News
The Hacker News
added 2021/05/08 12:24 p.m.524 views

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service SVR have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...

10CVSS0.4AI score0.99999EPSS
Exploits356
NVD
NVD
added 2020/06/29 6:15 p.m.23 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

5.3CVSS0.14838EPSS
Exploits1References1
Prion
Prion
added 2020/06/29 6:15 p.m.40 views

Design/Logic Flaw

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

5CVSS6.3AI score0.99876EPSS
Exploits20References1Affected Software1
Cvelist
Cvelist
added 2020/06/29 5:11 p.m.29 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

6.3AI score0.14838EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2019/08/05 12:0 a.m.6 views

Cisco RV320 and RV325 Routers Information Disclosure (CVE-2019-1653)

An information disclosure vulnerability exists in Cisco RV320 and RV325 Routers. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

5CVSS5AI score0.99876EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2019/04/16 12:0 a.m.38 views

Cisco RV320 < 1.4.2.22 Multiple Vulnerabilities

Binary data 700566.prm...

9CVSS6.8AI score0.99876EPSS
Exploits26References6
Tenable Nessus
Tenable Nessus
added 2019/04/15 12:0 a.m.50 views

Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities (cisco-sa-20190123-rv-inject, cisco-sa-20190123-rv-info)

According to its self-reported version, this Cisco Small Business RV Series router is affected by multiple vulnerabilities: - A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker wi...

9CVSS7.6AI score0.99876EPSS
Exploits26References6
Exploit DB
Exploit DB
added 2019/04/03 12:0 a.m.235 views

Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/03/30 12:0 a.m.426 views

Cisco RV320 / RV325 Unauthenticated Remote Code Execution Exploit

This Metasploit module combines an information disclosure CVE-2019-1653 and a command injection vulnerability CVE-2019-1652 together to gain unauthenticated remote code execution on Cisco RV320 and RV325 small business routers. Can be exploited via the WAN interface of the router. Either via HTTP...

9CVSS0.6AI score0.99876EPSS
Exploits26
Packet Storm
Packet Storm
added 2019/03/30 12:0 a.m.524 views

Cisco RV320 / RV325 Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...

9CVSS0.5AI score0.99876EPSS
Exploits26
0day.today
0day.today
added 2019/03/27 12:0 a.m.241 views

Cisco RV320 Unauthenticated Configuration Export Vulnerability

The configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor. Cisco RV320 Unauthenticated Configuration Export Vulnerability Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly...

5CVSS0.6AI score0.99876EPSS
Exploits19
Metasploit
Metasploit
added 2019/02/25 2:51 p.m.97 views

Cisco RV320 and RV325 Unauthenticated Remote Code Execution

This exploit module combines an information disclosure CVE-2019-1653 and a command injection vulnerability CVE-2019-1652 together to gain unauthenticated remote code execution on Cisco RV320 and RV325 small business routers. Can be exploited via the WAN interface of the router. Either via HTTPS o...

7.5CVSS7.9AI score0.99876EPSS
Exploits26
Packet Storm
Packet Storm
added 2019/01/29 12:0 a.m.158 views

Cisco RV300 / RV320 Information Disclosure

Exploit Title: 6coRV Exploit Date: 01-26-2018 Exploit Author: Harom Ramos Horus Tested on: Cisco RV300/RV320 CVE : CVE-2019-1653 import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning from fakeuseragent import UserAgent def randomheaders: return dict'user-agent':...

6.8AI score0.99876EPSS
Exploits19
Exploit DB
Exploit DB
added 2019/01/28 12:0 a.m.146 views

Cisco RV300 / RV320 - Information Disclosure

Exploit Title: 6coRV Exploit Date: 01-26-2018 Exploit Author: Harom Ramos Horus Tested on: Cisco RV300/RV320 CVE : CVE-2019-1653 import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning from fakeuseragent import UserAgent def randomheaders: return dict'user-agent':...

7.5CVSS6.7AI score0.99876EPSS
Exploits19
0day.today
0day.today
added 2019/01/28 12:0 a.m.107 views

Cisco RV300 / RV320 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Cisco RV300 / RV320 - Information Disclosure Vulnerability Exploit Author: Harom Ramos Horus Tested on: Cisco RV300/RV320 CVE : CVE-2019-1653 import requests from requests.packages.urllib3.exceptions import...

5CVSS0.3AI score0.99876EPSS
Exploits19
exploitpack
exploitpack
added 2019/01/28 12:0 a.m.128 views

Cisco RV300 RV320 - Information Disclosure

Cisco RV300 RV320 - Information Disclosure Exploit Title: 6coRV Exploit Date: 01-26-2018 Exploit Author: Harom Ramos Horus Tested on: Cisco RV300/RV320 CVE : CVE-2019-1653 import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning from fakeuseragent import UserAgent d...

5CVSS6.6AI score0.99876EPSS
Exploits19
Circl
Circl
added 2019/01/24 4:13 p.m.11 views

CVE-2019-1653

creationtimestamp| type| source ---|---|--- 2019-01-24 16:13:50+00:00| seen| MISP/5c49e3cd-7c10-4d00-89d4-4bd50a021402 2019-01-24 16:17:12+00:00| seen| MISP/5c49e4ad-21ac-4c2e-8a8f-4c5b0a021402 2019-01-28 15:19:02+00:00| seen| MISP/5c4f1cd3-4e30-476b-9bf5-1a630a021402 2019-01-29 06:29:06+00:00|...

7.5CVSS6.8AI score0.99876EPSS
In wildExploits19References18
CVE
CVE
added 2019/01/24 4:0 p.m.1261 views

CVE-2019-1653

CVE-2019-1653 affects Cisco Small Business RV320/RV325 routers. The web-based management interface has improper access controls on URLs, enabling an unauthenticated remote attacker to retrieve sensitive information such as configuration and diagnostics. Multiple connected sources corroborate an i...

7.5CVSS6.6AI score0.99876EPSS
In wildExploits19References16Affected Software1
0day.today
0day.today
added 2019/01/24 12:0 a.m.206 views

Cisco RV320 Unauthenticated Configuration Export Vulnerability

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15,...

0.3AI score0.99876EPSS
Exploits19
Rows per page
Query Builder