95 matches found
Hardcoded credentials
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
SUSE CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges...
Etcd-io Improper Authentication vulnerability
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function. This has been fixed in v.3.5.8 and was also backported to 3.4 and 3.5...
GHSA-GMPH-WF7J-9GCM Etcd-io Improper Authentication vulnerability
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function. This has been fixed in v.3.5.8 and was also backported to 3.4 and 3.5...
CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
AZL-26139 CVE-2021-28235 affecting package etcd for versions less than 3.5.4-6
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
DEBIAN-CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
Authentication flaw
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
UBUNTU-CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
Improper Authentication
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
CVE-2021-28235
CVE-2021-28235: Etcd-io v3.4.10 contains an authentication vulnerability that enables remote privilege escalation via the debug function. Documented impact is high (CVSS 9.8), with potential for elevated privileges on affected systems. Mitigation in connected sources advises upgrading to newer et...
PT-2023-8995 · Etcd-Io +7 · Etcd-Io +7
Name of the Vulnerable Software and Affected Versions: Etcd-io version 3.4.10 Description: The issue is related to an authentication vulnerability that can be exploited by sending an authentication request to the etcdserver with a username and password, potentially allowing a remote attacker to...
PT-2022-23438 · H3C · H3C Gr-1200W
Name of the Vulnerable Software and Affected Versions: H3C GR-1200W MiniGRW1A0V100R006 Description: A stack overflow issue was discovered in the H3C GR-1200W MiniGRW1A0V100R006 via the function debug wlan advance. Recommendations: For H3C GR-1200W MiniGRW1A0V100R006, consider disabling the debug...
Google XML Sitemaps < 4.1.3 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the "Try to...