FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the reliance on static MD5 hashes for the...

CVE-2025-42878

SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability...

EUVD-2025-201849

SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability...

CVE-2025-42878

SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability...

CVE-2025-42878 Sensitive Data Exposure in SAP Web Dispatcher and Internet Communication Manager (ICM)

SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability...

CVE-2019-15801

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware,...

CVE-2019-15803

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fdssyspassDebugPasswdret. The...

PT-2023-3096 · D Link · D-Link Dir-842

Name of the Vulnerable Software and Affected Versions: D-Link DIR-842V2 version 1.0.3 Description: The issue is related to a command injection vulnerability in the iperf3 diagnostics function. This vulnerability is associated with a lack of data sanitization at the management level, which could...

CVE-2019-1653

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit th...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2015-06808)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. An unspecified vulnerability exists in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, 12.2.4. Allowing authenticated remote users about diagnostics and DMZ vectors compromises integri...

CVE-2012-6440 Rockwell Automation ControlLogix PLC Improper Input Validation

The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information. Rockwell...