3858 matches found
CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947
The CVE-2024-5947 issue affects Deep Sea Electronics DSE855. It arises from a missing authentication flow in the web UI that allows access to the configuration backup (Backup.bin), enabling network-adjacent attackers to disclose stored credentials. The flaw is exploitable without authentication v...
CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5948
CVE-2024-5948 affects the Deep Sea Electronics DSE855 device. The vulnerability is a multipart boundary handling issue where the length of user-supplied data is not properly validated before copying to a fixed-length stack-based buffer, causing a stack-based buffer overflow that can lead to remot...
CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5949 Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...
CVE-2024-5949
CVE-2024-5949 affects Deep Sea Electronics DSE855 devices. The flaw is in the handling of multipart boundaries, caused by a logic error that can trigger an infinite loop, enabling network-adjacent attackers to perform a denial-of-service. Authentication is not required. The available connected so...
CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5950
CVE-2024-5950 affects Deep Sea Electronics DSE855 devices. The root cause is improper validation of the length of user-supplied data in multipart form handling, copying into a fixed-length stack-based buffer, leading to a stack-based buffer overflow and remote code execution. Exploitation is poss...
CVE-2024-5951
CVE-2024-5951 affects Deep Sea Electronics DSE855 devices. The flaw occurs in the web-based UI where there is a lack of authentication before granting access to functions, enabling network-adjacent attackers to trigger a denial-of-service by abusing authenticated-access gaps. Documents consistent...
CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5952
CVE-2024-5952 affects Deep Sea Electronics DSE855 devices. The flaw is in the web-based UI where authentication is not required, allowing network-adjacent attackers to bypass auth and trigger a denial-of-service condition. Documented by ZDI (ZDI-24-676) and referenced in NVD/NVD-derived entries; ...
CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
Deep Sea Electronics DSE855 Security Vulnerability
Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the handling of multipart form variables that lacks proper validation of the length of...
Deep Sea Electronics DSE855 Security Vulnerability
The Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the handling of multi-part boundaries that could lead to an infinite loop logic error, whi...
Deep Sea Electronics DSE855 Security Vulnerability
Deep Sea Electronics DSE855 is a USB to Ethernet communication device from Deep Sea Electronics, UK. A security vulnerability exists in the Deep Sea Electronics DSE855 that stems from a specific flaw in the Web UI that allows access to functions lacking authentication, which could be exploited by...