16 matches found
EUVD-2019-16374
Malware in sbrugna...
EUVD-2025-12571
Malicious code in bioql PyPI...
CVE-2019-9680
Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...
CVE-2019-6820
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...
PT-2025-18054 · Sick Ag · Sick Flx0-Gpnt100 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A remote unauthenticated attacker may be able to change the IP address of the device, and therefore affect the availability of the device. Recommendations: At the moment, there is no...
Schneider Electric Modicon Missing Authentication for Critical Function (CVE-2019-6820)
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...
CVE-2020-25353
A server-side request forgery SSRF vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to the machine via the deviceIpAddr and connPort parameters...
CVE-2019-13939
A vulnerability has been identified in APOGEE MEC/MBC/PXC P2 All versions = V2.8.2 = V2.8.2 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 V6.0.327, Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2017.02.3, Nucleus Source...
CVE-2019-6820
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...
Lutron Quantum BACnet Integration Information Disclosure Vulnerability
Lutron Quantum BACnet Integration is a lighting control system from Lutron Electronics, USA. A security vulnerability exists in Lutron Quantum BACnet Integration version 2.0 using firmware version 3.2.243, which stems from the program not properly verifying a user's request before displaying...
CVE-2018-8880
Lutron Quantum BACnet Integration 2.0 firmware 3.2.243 doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure...
NPM-V (Network Power Manager) 2.4.1 Password Reset
NPM-VNetwork Power Manager = 2.4.1 Reset Password Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NPM-V Affected Version : 2.4.1 and below Vendor : http://www.china-clever.com Product Link : http://www.china-clever.com/en/index.php/product?view=products&cid=125 Date:...
Cross site request forgery (csrf)
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...
RiverBed Stingray Traffic Manager 9.6 Cross Site Scripting
I. VULNERABILITY ------------------------- XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6 II. BACKGROUND ------------------------- Silver Peak VX software marries the cost and flexibility benefits of virtualization with the performance gains associated wi...
FortiWeb 5.0.3 Cross Site Scripting
I. VULNERABILITY ------------------------- XSS Reflected vulnerabilities in OS of FortiWeb v 5.0.3 CVE-2013-7181 II. BACKGROUND ------------------------- Fortinet's industry-leading, Network Security Platforms deliver Next Generation Firewall NGFW security with exceptional throughput, ultra low...
Fortigate Firewalls - Cross-Site Request Forgery
Vulnerability ID: CVE-2013-1414 Vulnerability Type: CSRF Cross-Site Request Forgery Product: All Fortigate Firewalls Vendor: Fortinet http://www.fortinet.com Vulnerable Version: i...