26 matches found
Siemens RUGGEDCOM APE1808 Product Family Inside BIOS Vulnerability
The RUGGEDCOM APE1808 is a utility-grade application hosting platform that allows you to deploy a range of commercial edge computing and cybersecurity applications in harsh industrial environments. An Inside BIOS vulnerability exists in the Siemens RUGGEDCOM APE1808 product family, which is cause...
fdm-assurances.com Cross Site Scripting vulnerability OBB-2383732
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-1518
Cisco Firepower Device Manager (FDM) On-Box Software REST API has a vulnerability allowing an authenticated, remote attacker to execute arbitrary code on the device’s underlying OS due to insufficient sanitization of specific REST API inputs. An attacker with valid low-privilege credentials can e...
CVE-2021-1518 Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific...
CVE-2021-1369
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE)...
CVE-2021-1489
CVE-2021-1489 affects Cisco Firepower Device Manager (FDM). A vulnerability in filesystem usage management allows an authenticated, remote attacker to exhaust filesystem resources by uploading files, leading to a DoS and possible database errors with the device becoming unresponsive to web manage...
CVE-2021-1489 Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability
A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient...
CVE-2021-1369 Cisco Firepower Device Manager On-Box Software XML External Entity Vulnerability
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE)...
CVE-2021-1369
The CVE-2021-1369 entry concerns Cisco Firepower Device Manager (FDM) On-Box Software. The vulnerability arises from improper handling of XML External Entity (XXE) references when parsing certain XML files in the REST API, enabling an authenticated, remote attacker to read and write information s...
CVE-2021-1369 Cisco Firepower Device Manager On-Box Software XML External Entity Vulnerability
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE)...
Cisco Firepower Device Manager On-Box Software XML External Entity Vulnerability
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity (XXE)...
CVE-2020-29045
The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdmcart cookie in loadcartfromcookie in includes/class-cart-manager.php...
Cisco Firepower Threat Defense Software Management Interface DoS (cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a denial of service (DoS) vulnerability in the management interface due to how FTD handles session timeouts for management connections. An unauthenticated, remote attacker can exploit this issue, by sendi...
CVE-2020-3309
Cisco Firepower Device Manager (FDM) On-Box software is affected by CVE-2020-3309, an input-validation vulnerability that enables an authenticated, remote attacker to upload a malicious file and overwrite arbitrary files on the device, potentially modifying the underlying OS. The issue is trigger...
netbutik.fdm.dk XSS vulnerability
Open Bug Bounty ID: OBB-656876

Description | Value
---|---
Affected Website: | netbutik.fdm.dk
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
fdm.pl XSS vulnerability
Vulnerable URL: https://www.fdm.pl/search?q=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 28.11.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 931647
VIP website...
Information disclosure
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the...
CVE-2017-3822
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the...
CVE-2017-3822
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the...
CVE-2017-3822
CVE-2017-3822 describes an unauthenticated remote vulnerability in the logging subsystem of Cisco Firepower Threat Defense (FTD) when FDM (Firepower Device Manager) is enabled. The issue allows an attacker to add arbitrary entries to the audit log due to inadequate input validation in the FDM web...