Lucene search
K

168 matches found

NVD
NVD
added 2023/05/16 3:15 p.m.22 views

CVE-2023-31856

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594B20200910 allows attackers to execute arbitrary commands via a crafted http packet...

9.8CVSS9.8AI score0.02909EPSS
Exploits1References1
Prion
Prion
added 2023/05/16 3:15 p.m.24 views

Command injection

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594B20200910 allows attackers to execute arbitrary commands via a crafted http packet...

7.5CVSS9.7AI score0.02909EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/05/16 12:0 a.m.59 views

CVE-2023-31856

Summary: CVE-2023-31856 affects TOTOLINK CP300+ firmware V5.2cu.7594_B20200910. The issue is a command-injection in the hostTime parameter of the function NTPSyncWithHost, exploitable via a crafted HTTP packet. This can allow an attacker to execute arbitrary commands remotely with no user interac...

9.8CVSS9.7AI score0.02909EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/04/13 12:0 a.m.11 views

CVE-2023-20118

A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user...

7.2CVSS7.2AI score0.53827EPSS
In wildExploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.23 views

Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22767)

UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from...

9.8CVSS9.1AI score0.02708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.17 views

Schneider Electric PowerLogic Improper Input Validation (CVE-2021-22768)

UNSUPPORTED WHEN ASSIGNED A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from...

9.8CVSS9.1AI score0.02708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/19 12:0 a.m.83 views

Cisco Secure Web Appliance < 14.5.0-537 Privilege Escalation (cisco-sa-wsa-prv-esc-8PdRU8t8)

According to its self-reported version, Cisco Web Security Appliance WSA is affected by a privilege escalation vulnerability. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An authenticated, remote attacker could exploit this vulnerability to...

8.8CVSS5.7AI score0.01863EPSS
Exploits0References3
NVD
NVD
added 2022/08/17 9:15 p.m.44 views

CVE-2022-2337

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS0.01297EPSS
Exploits0References2
NVD
NVD
added 2022/08/17 9:15 p.m.33 views

CVE-2022-2547

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS0.01297EPSS
Exploits0References2
NVD
NVD
added 2022/08/17 9:15 p.m.31 views

CVE-2022-2335

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS0.01324EPSS
Exploits0References2
OSV
OSV
added 2022/08/17 9:15 p.m.4 views

CVE-2022-2335

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS7.1AI score0.01324EPSS
Exploits0References2
NVD
NVD
added 2022/08/17 9:15 p.m.22 views

CVE-2022-1069

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS0.01324EPSS
Exploits0References2
OSV
OSV
added 2022/08/17 9:15 p.m.4 views

CVE-2022-1069

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS5.8AI score0.01324EPSS
Exploits0References2
Prion
Prion
added 2022/08/17 9:15 p.m.24 views

Design/Logic Flaw

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

5CVSS7.5AI score0.01324EPSS
Exploits0References2Affected Software6
Prion
Prion
added 2022/08/17 9:15 p.m.22 views

Design/Logic Flaw

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

5CVSS7.5AI score0.01324EPSS
Exploits0References2Affected Software6
Cvelist
Cvelist
added 2022/08/17 8:18 p.m.44 views

CVE-2022-2337 Softing Secure Integration Server NULL Pointer Dereference

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS7.6AI score0.01297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/08/17 8:18 p.m.8 views

CVE-2022-2337 Softing Secure Integration Server NULL Pointer Dereference

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS6.7AI score0.01297EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/17 8:17 p.m.29 views

CVE-2022-1069 Softing Secure Integration Server Out-of-bounds Read

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS7.7AI score0.01324EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/17 8:13 p.m.33 views

CVE-2022-2335 Softing Secure Integration Server Integer Underflow

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS7.6AI score0.01324EPSS
Exploits0References2
CVE
CVE
added 2022/08/17 8:13 p.m.78 views

CVE-2022-2335

Softing Secure Integration Server is affected by CVE-2022-2335 via an integer underflow in the HTTP Content-Length handling. A crafted HTTP packet with a -1 content-length header can cause a denial-of-service on vulnerable installations (notably versions around V1.22). The vulnerability is exploi...

7.5CVSS7.6AI score0.01324EPSS
Exploits0References2Affected Software6
Rows per page
Query Builder