Siemens SIMATIC Cross-Site Scripting Vulnerability
Siemens SIMATIC is a series of programmable control and industrial software products developed by Siemens, a German company, for industrial automation and process control applications. Siemens SIMATIC has a cross-site scripting vulnerability. This vulnerability stems from the Web interface’s moti...
EUVD-2013-3257
Malware in sbrugna...
EUVD-2014-3097
Malware in sbrugna...
DASAN H660WM Security Vulnerability
DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825 version, which originates from improper access control of the component /cgi-bin/systemdiagnosticmain.asp, which could result in access to sensitive information...
PT-2024-20682 · Gallagher · Controller 6000 +1
Name of the Vulnerable Software and Affected Versions: Controller 6000 and Controller 7000 versions 8.70 and prior; Controller 6000 and Controller 7000 versions 8.80 through 8.80.1938 MR6; Controller 6000 and Controller 7000 versions 8.90 through 8.90.2155 MR5; Controller 6000 and Controller 7000...
Unspecified Vulnerability in NETGEAR DGN1000WW (CNVD-2025-11162)
The NETGEAR DGN1000WW is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN1000WW, which can be exploited by an attacker to execute arbitrary code via a diagnostic page...
NETGEAR DGN1000WW Security Vulnerability
The NETGEAR DGN1000WW is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN1000WW, which can be exploited by an attacker to execute arbitrary code via a diagnostic page...
Helmholz REX Cross-Site Scripting Vulnerability
Helmholz REX is a series of routers from Helmholz. A cross-site scripting vulnerability exists in the Helmholz REX 200 and REX 250, which stems from the ability to store an arbitrary JavaScript payload on the device's diagnostic page...
RG-BCR860 OS Command Injection Vulnerability in Beijing StarNet Ruijie Network Technology Co.
The RG-BCR860 is a commercial cloud router from Ruijie Networks China. Ltd. The RG-BCR860 version 2.5.13 suffers from an operating system command injection vulnerability that originates from the failure of the component Network Diagnostic Page to correctly filter constructed command special...
CVE-2023-3450
A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
Command injection
A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
CVE-2023-3450 Ruijie RG-BCR860 Network Diagnostic Page os command injection
A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
PT-2023-24908 · Ruijie · Ruijie Rg-Bcr860
Name of the Vulnerable Software and Affected Versions: Ruijie RG-BCR860 version 2.5.13 Description: A critical issue affects the Network Diagnostic Page component, leading to os command injection through unknown processing. This can be exploited remotely. Recommendations: For Ruijie RG-BCR860...
GHSA-Q6RQ-4WHR-R879 Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page
Jenkins Active Directory Plugin 2.19 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the domain health check diagnostic page. Jenkins Active Directory Plugin 2.20 requires Overall/Administer permission to access the...
CVE-2021-36380
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...
CVE-2020-2302
A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page...
CVE-2020-2302
CVE-2020-2302 affects Jenkins Active Directory Plugin 2.19 and earlier, where a missing permission check allows attackers with Overall/Read permission to access the domain health check diagnostic page. The issue is fixed by upgrading to version 2.20, which enforces Overall/Administer permission f...
CVE-2020-24365
An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user uid 0. Even if a login is required, most...