61 matches found
EUVD-2024-55533
Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication handling to obtain elevated...
CVE-2024-14034
Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...
CVE-2024-14034
CVE-2024-14034 affects Hirschmann HiEOS devices, featuring an authentication bypass in the HTTP(S) management module. The root cause is improper authentication handling that allows unauthenticated remote attackers to gain administrative access. Impact per sources includes the ability to perform u...
CVE-2024-14034 Hirschmann HiEOS Authentication Bypass via HTTP Management Module
Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...
CVE-2026-20106
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...
PT-2026-22983
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...
CVE-2018-6449
Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers...
CVE-2023-31245
Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redire...
MikroTik RouterOS and MikroTik RouterOS 7 Security Vulnerability
MikroTik RouterOS and MikroTik RouterOS 7 are both products of the Latvian company MikroTik. MikroTik RouterOS is a router operating system developed on Linux. The system can be deployed in a PC to make it provide router functionality. MikroTik RouterOS 7 is an operating system... A security...
EUVD-2005-3181
Malware in sbrugna...
EUVD-2017-12965
Malware in sbrugna...
EUVD-2002-0597
Malware in sbrugna...
EUVD-2018-1166
Malware in sbrugna...
EUVD-2006-2167
Malware in sbrugna...
EUVD-2016-7384
Malware in sbrugna...
EUVD-2017-17357
Malware in sbrugna...
3Com SuperStack Switch Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule '3Com SuperStack Switch Denial of Service', 'Description' = %q This module causes a temporary denial of service condition against 3Com SuperStack...
CVE-2018-6447
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account...
Design/Logic Flaw
Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers...
Cross site scripting
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account...