Lucene search
K

5 matches found

CNVD
CNVD
added 2018/12/04 12:0 a.m.6 views

Drobo 5N2 cross-site scripting vulnerability (CNVD-2019-05932)

The Drobo 5N2 NAS is a networked storage appliance NAS from Drobo, USA. The device features data sharing, data backup, remote access and disaster recovery. A cross-site scripting vulnerability exists in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115. A remote...

6.1CVSS6.6AI score0.00707EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/04 12:0 a.m.7 views

Drobo 5N2 Cross-Site Scripting Vulnerability

The Drobo 5N2 NAS is a networked storage appliance NAS from Drobo, USA. The device features data sharing, data backup, remote access and disaster recovery. A cross-site scripting vulnerability exists in the MySQL API error page in Drobo 5N2 NAS version 4.0.5-13.28.96115. A remote attacker can...

6.1CVSS6.5AI score0.00707EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/04 12:0 a.m.6 views

Drobo 5N2 Improper Access Control Vulnerability (CNVD-2019-05929)

The Drobo 5N2 NAS is a networked storage appliance NAS from Drobo, USA. The device features data sharing, data backup, remote access and disaster recovery. An access control error vulnerability exists in the /mysql/api/diags.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115. An attacker can...

7.5CVSS6.7AI score0.01313EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/04 12:0 a.m.4 views

Drobo 5N2 System Command Injection Vulnerability

The Drobo 5N2 NAS is a networked storage appliance NAS from Drobo, USA. The device features data sharing, data backup, remote access and disaster recovery. A command injection vulnerability exists in the /DroboPix/api/drobopix/demo endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115. An attacker...

10CVSS8.3AI score0.17113EPSS
Exploits1References1
OSV
OSV
added 2018/12/03 10:29 p.m.3 views

CVE-2018-14703

Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve the MySQL database root password...

9.8CVSS5.8AI score0.01337EPSS
Exploits1References1
Rows per page
Query Builder