22 matches found
Drobo 5N2 System Command Injection Vulnerability (CNVD-2019-05916)
The Drobo 5N2 NAS is a networked storage appliance NAS from Drobo, USA. The device features data sharing, data backup, remote access and disaster recovery. A command injection vulnerability exists in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115. An attacker can...
CVE-2006-3829
CVE-2006-3829 affects Kailash Nadh boastMachine (formerly bMachine) up to version 3.1 and earlier. The issue is a Cross-site request Forgery (CSRF) in bmc/admin.php that allows remote attackers to perform actions as an administrator and delete arbitrary user accounts via a delete_user action. The...