Lucene search

16591 matches found

Vulnrichment
added 2024/01/10 10:36 a.m., 2 views

CVE-2023-48243

The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user “root” via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the device...

CVSS 8.1, AI score 8, EPSS 0.01088
Exploits: 0, References: 1
CVE
added 2024/01/10 10:35 a.m., 44 views

CVE-2023-48242

CVE-2023-48242 is described across multiple feeds as an authenticated remote vulnerability where an attacker can download arbitrary files from all paths under the application OS user (root) via a crafted HTTP request. The provided documents do not specify affected products, versions, or concrete ...

CVSS 6.5, AI score 6.3, EPSS 0.00778
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2024/01/10 10:35 a.m., 16 views

CVE-2023-48242

The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user “root” via a crafted HTTP request...

CVSS 6.5, AI score 6.5, EPSS 0.00778
Exploits: 0, References: 1
Vulnrichment
added 2024/01/10 10:35 a.m., 4 views

CVE-2023-48242

The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user “root” via a crafted HTTP request...

CVSS 6.5, AI score 6.3, EPSS 0.00778
Exploits: 0, References: 1
Veracode
added 2024/01/10 9:20 a.m., 17 views

Remote Code Execution

Microsoft.IdentityModel.Protocols.SignedHttpRequest is vulnerable to Remote Code Execution. The vulnerability is caused due to Microsoft.IdentityModel trusting the jku claim by default for the SignedHttpRequest protocol. An attacker can make any remote or local HTTP GET request as a result of thi...

CVSS 8.8, AI score 7.2, EPSS 0.02214
Exploits: 0, References: 7, Affected Software: 1
Talos
added 2024/01/10 12:00 a.m., 44 views

WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability

Talos Vulnerability Report TALOS-2023-1896 WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49589 SUMMARY An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of...

CVSS 8.8, AI score 8.7, EPSS 0.00947
Exploits: 1
Talos
added 2024/01/10 12:00 a.m., 19 views

WWBN AVideo image404Raw.php information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1881 WWBN AVideo image404Raw.php information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-49738 SUMMARY An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN AVideo dev master commit 15fed957fb. A special...

CVSS 7.5, AI score 7.5, EPSS 0.01318
Exploits: 1
Talos
added 2024/01/10 12:00 a.m., 27 views

WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability

Talos Vulnerability Report TALOS-2023-1885 WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability January 10, 2024 CVE Number CVE-2023-49715 SUMMARY An unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVide...

CVSS 8.8, AI score 6.9, EPSS 0.01367
Exploits: 1
Talos
added 2024/01/10 12:00 a.m., 39 views

WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability

Talos Vulnerability Report TALOS-2023-1886 WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability January 10, 2024 CVE Number CVE-2023-47862 SUMMARY A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality of WWBN AVideo dev master commit 15fed957fb. ...

CVSS 9.8, AI score 9.6, EPSS 0.01065
Exploits: 0
CNNVD
added 2024/01/10 12:00 a.m., 3 views

Bosch Nexo cordless nutrunner security breach

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows an authenticated, remote attacker to perform actions beyond their authorized access via...

CVSS 8.8, AI score 6.7, EPSS 0.00635
Exploits: 0, References: 2
CNNVD
added 2024/01/10 12:00 a.m., 3 views

Tenda AX1803 security vulnerability

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China. A buffer overflow vulnerability exists in the Tenda AX1803 v1.0.0.1, which can be exploited by an attacker to execute arbitrary code on the system by sending a specially crafted HTTP request using the iptv.stb.mode parameter...

CVSS 9.8, AI score 8.2, EPSS 0.00701
Exploits: 1, References: 2
Talos
added 2024/01/10 12:00 a.m., 25 views

WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1869 WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-47171 SUMMARY An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN...

CVSS 6.5, AI score 6.7, EPSS 0.01072
Exploits: 1
Talos
added 2024/01/10 12:00 a.m., 26 views

WWBN AVideo salt generation insufficient entropy vulnerability

Talos Vulnerability Report TALOS-2023-1900 WWBN AVideo salt generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49599 SUMMARY An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially...

CVSS 9.8, AI score 9.2, EPSS 0.00958
Exploits: 1
OpenVAS
added 2024/01/10 12:00 a.m., 28 views

Ubuntu: Security Advisory (USN-6038-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.8, AI score 8.6, EPSS 0.05623
Exploits: 7, References: 2
Github Security Blog
added 2024/01/09 6:25 p.m., 19 views

Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability

Impact What kind of vulnerability is it? Who is impacted? Anyone leveraging the SignedHttpRequest protocol or the SignedHttpRequestValidator is vulnerable. Microsoft.IdentityModel trusts the jku claim by default for the SignedHttpRequest protocol. This raises the possibility to make any remote or loc...

CVSS 8.8, AI score 7, EPSS 0.02214
Exploits: 0, References: 6, Affected Software: 1
IBM Security Bulletins
added 2024/01/09 1:38 p.m., 38 views

Security Bulletin: Multiple vulnerabilities in Golang Go may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2022-32149, CVE-2022-41721, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725 and CVE-2023-24532)

Summary There are multiple vulnerabilities in Golang Go used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-32149 DESCRIPTION: Golang Go is vulnerable to a denial...

CVSS 7.5, AI score 7.6, EPSS 0.04561
Exploits: 1, Affected Software: 1
OSV
added 2024/01/09 1:08 p.m., 5 views

USN-6038-2 golang-1.13, golang-1.16 vulnerabilities

USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. Original advisory details: It was discovered that the Go net/http module incorrectly handled Transfer-Encoding...

CVSS 9.8, AI score 7.1, EPSS 0.05623
Exploits: 6, References: 19
Ubuntu
added 2024/01/09 1:08 p.m., 61 views

USN-6038-2: Go vulnerabilities

USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. Original advisory details: It was discovered that the Go net/http module incorrectly handled Transfer-Encoding...

CVSS 9.8, AI score 7.5, EPSS 0.05623
Exploits: 6
Veracode
added 2024/01/09 7:22 a.m., 28 views

HTTP Request Smuggling

puma is vulnerable to HTTP Request Smuggling. The vulnerability is caused due to a missing validation while parsing chunked transfer encoding bodies, resulting in the smuggling of requests and unbounded resource consumption (DoS)...

CVSS 7.5, AI score 6.8, EPSS 0.00958
Exploits: 0, References: 4, Affected Software: 1
OpenVAS
added 2024/01/09 12:00 a.m., 27 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-1072)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 8.1, AI score 6.7, EPSS 0.01207
Exploits: 0, References: 2