843 matches found
CVE-2010-4741
Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321...
MOXA Device Manager MDM Tool buffer overflow
Overview The MOXA Device Manager MDM Tool contains a stack-based buffer overflow. Description The MOXA Device Manager consists of an MDM Tool, which allows local users to connect to a remote MDM Gateway to monitor and manage embedded computers installed with MDM Agent software. MOXA Device Manage...
Cisco Device HTTP Device Manager Access
This module gathers data from a Cisco device router or switch with the device manager web interface exposed. The HttpUsername and HttpPassword options can be used to specify authentication. This module requires Metasploit: https://metasploit.com/download Current source:...
MOXA Device Manager Tool 2.1 - Remote Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MOXA Device Manager Tool 2.1 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in MOXA MDM Tool 2.1. When sending ...
MOXA Device Manager Tool 2.1 Buffer Overflow
This module exploits a stack buffer overflow in MOXA MDM Tool 2.1. When sending a specially crafted MDMGw MDM2Gateway response, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Moxa Device Manager Gateway Detection
Binary data scadamdmgatewaydetect.nbin...
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco Router and Security Device Manager SDM allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467...
CVE-2010-0594
Cisco Router and Security Device Manager (SDM) suffers a cross-site scripting (XSS) vulnerability (Bug ID CSCtb38467) that allows remote attackers to inject arbitrary script or HTML via unknown vectors. Affected products: Cisco Router and Security Device Manager (SDM) web-based management tool; v...
CVE-2010-0594
Cross-site scripting XSS vulnerability in Cisco Router and Security Device Manager SDM allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467...
Cisco Router and Security Device Manager Cross-Site Scripting Vulnerability
Cisco Router and Security Device Manager versions 2.5 and prior contain a vulnerability that could allow attackers to conduct cross-site scripting attacks. The vulnerability exists due to improper validation of parameters processed by the application. An unauthenticated, remote attacker could...
Cisco Router and Security Device Manager vulnerable to cross-site scripting
Overview Cisco Router and Security Device Manager SDM contains a cross-site scripting vulnerability. Cisco Router and Security Device Manager SDM is a web-based device management tool for Cisco routers. Cisco Router and Security Device Manager SDM contains a cross-site scripting vulnerability...
JVN#14313132 Cisco Router and Security Device Manager vulnerable to cross-site scripting
Cisco Router and Security Device Manager SDM is a web-based device management tool for Cisco routers. Cisco Router and Security Device Manager SDM contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Upda...
Wyse Device Manager (WDM) HServer and HAgent contain multiple vulnerabilities
Overview Wyse Device Manager WDM Server and HAgent contain several vulnerabilities. An attacker with network access to WDM components could execute arbitrary code on vulnerable systems. Description Wyse Device Manager WDM, formerly known as Wyse Rapport manages thin clients. Part of the server...
Wyse Device Manager HAgent Service Detection
Binary data wysehagentdetect.nbin...
Issue of Access Control Failure in Hitachi Device Manager Server
Overview Hitachi Device Manager servers contain a vulnerability in which access control settings would be rendered invalid in the following cases: - IPv6 format is used for communications between a Hitachi Device Manager server and its clients. - Access controls for Hitachi Device Manager clients...
Wyse Device Manager Buffer Overflow
Wyse Device Manager is installed on the remote system. The installed version is affected by a buffer overflow vulnerability. By sending a specially crafted request to the server, it may be possible for an unauthorized attacker to crash the server or execute arbitrary commands on the remote system...
Wyse Device Manager Default FTP Account
The remote FTP server has an account with a known username / password combination, possibly created as part of an installation of Wyse Device Manager. An attacker may be able to use this to gain authenticated access to the system, which could allow for other attacks against the affected applicati...
Directory traversal
Directory traversal vulnerability in Cisco Application Networking Manager ANM before 2.0 and Application Control Engine ACE Device Manager before A32.1 allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."...
CVE-2009-0615
CVE-2009-0615 concerns directory traversal in Cisco ANM before 2.0 and ACE Device Manager before A3(2.1). Exploitation by an authenticated remote user could read/modify arbitrary files, potentially exposing host OS data due to invalid directory permissions. Related CVEs cover additional ANM flaws...
Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...