3 matches found
CVE-2025-34071
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2021-36226
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files...
HPSBPI03569 rev 4 - HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers, Execution of arbitrary code
Potential Security Impact Execution of arbitrary code Source: NTT Security Reported By: Stephen Breen VULNERABILITY SUMMARY Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code. RESOLUTION Available Mitigation Settings: The vulnerability can be avoided by...