
5908 matches found

0day.today
added 2018/06/25 12:0 a.m. | 41 views

Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery Add Superuser Author: LiquidWorm Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24...

0.1 AI score
Exploits: 0

exploitpack
added 2018/06/25 12:0 a.m. | 23 views

Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Exploit Title: Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Date: 2018-05-21 Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.7.4,...

7.4 AI score
Exploits: 0

exploitpack
added 2018/06/25 12:0 a.m. | 23 views

Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery Add Superuser Exploit Title: Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery Add Superuser Author: LiquidWorm Date: 2018-05-21 Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.6.5.2...

Exploits: 0

0day.today
added 2018/06/25 12:0 a.m. | 89 views

Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit title: Ecessa WANWorx WVR-30 input type="hidden" name="userusername1" value=...

0.3 AI score
Exploits: 0

0day.today
added 2018/06/25 12:0 a.m. | 45 views

Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery Add Superuser Author: LiquidWorm Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24...

0.1 AI score
Exploits: 0

0day.today
added 2018/06/25 12:0 a.m. | 48 views

Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.7.4, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24...

0.2 AI score
Exploits: 0

Exploit DB
added 2018/06/25 12:0 a.m. | 58 views

Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Exploit title: Ecessa WANWorx WVR-30 input type="hidden" nam...

7.4 AI score
Exploits: 0

Exploit DB
added 2018/06/25 12:0 a.m. | 48 views

Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Exploit Title: Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Date: 2018-05-21 Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.7.4, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24 Summary: Ecessa's ShieldLink 60, 175, 600,12...

7.4 AI score
Exploits: 0

Zero Science Lab
added 2018/06/24 12:0 a.m. | 550 views

Ecessa ShieldLink SL175EHQ 10.7.4 CSRF Add Superuser Exploit

Summary: Ecessa's ShieldLink 60, 175, 600, 1200 & 4000 are advanced, yet highly affordable secure WAN Optimization Controllers that incorporate all of the ISP/WAN link. Description: The application interface allows users to perform certain actions via HTTP requests without performing any validity...

5.3 CVSS | 5.8 AI score | 0.00136 EPSS
Exploits: 1

Zero Science Lab
added 2018/06/24 12:0 a.m. | 542 views

Ecessa Edge EV150 10.7.4 CSRF Add Superuser Exploit

Summary: Internet Failover and Load Balancing for Small Businesses, Stores and Branch Offices. Description: The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain...

5.3 CVSS | 5.8 AI score | 0.00136 EPSS
Exploits: 1

seebug.org
added 2018/06/22 12:0 a.m. | 50 views

Insteon Hub PubNub Firmware Upgrade Confusion Permanent Denial Of Service Vulnerability (CVE-2018-3834)

Summary: An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is...

7.6 AI score | 0.00512 EPSS
Exploits: 2

seebug.org
added 2018/06/22 12:0 a.m. | 41 views

Insteon Hub PubNub Firmware Downgrade Vulnerability (CVE-2018-3833)

Summary: An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the firmware version that is going to be...

7.7 AI score | 0.01119 EPSS
Exploits: 2

NVD
added 2018/06/21 11:29 a.m. | 19 views

CVE-2018-0371

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...

6.8 CVSS | 6.5 AI score | 0.03228 EPSS
Exploits: 0 | References: 3

Prion
added 2018/06/21 11:29 a.m. | 21 views

Input validation

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...

6.8 CVSS | 6.4 AI score | 0.03228 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Veracode
added 2018/06/21 7:33 a.m. | 21 views

CRLF Injection

Vert.x Core is vulnerable to CRLF injection. The injection is possible because it does not check to forbid the \r or \n characters in HTTP client requests and server responses...

5.3 CVSS | 6.2 AI score | 0.02482 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

CNVD
added 2018/06/21 12:0 a.m. | 4 views

NX-OS Software Remote Code Execution Vulnerability in Multiple Cisco Products

Cisco Nexus 2000 Series Switches are switching devices. Fabric Modules are switch matrix modules. NX-OS Software is a set of data center-grade operating system software that runs on them. An input validation vulnerability...

10 CVSS | 9.8 AI score | 0.1767 EPSS
Exploits: 0 | References: 1

Cisco
added 2018/06/20 4:0 p.m. | 26 views

Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...

6.5 CVSS | 2.2 AI score | 0.03228 EPSS
Exploits: 0 | References: 1

IBM Security Bulletins
added 2018/06/17 3:21 p.m. | 22 views

Security Bulletin: IBM TRIRIGA Application Unintended Proxy or Intermediary (CVE-2016-0362)

Summary: IBM TRIRIGA platform allows remote attackers to use one of its web services as a proxy to forward HTTP requests to other internal/external Web resources. Vulnerability Details: CVEID: CVE-2016-0362 CVSS Base Score: 4.3 CVSS Temporal Score: See for the current score CVSS Environmental Score...

7.7 CVSS | 0.9 AI score | 0.00894 EPSS
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/16 8:3 p.m. | 19 views

Security Bulletin: IBM Tealeaf Customer Experience Replay Server internal proxy accepts connections from external sources (CVE-2016-5968)

Summary: The internal HTTP proxy server deployed as part of the IBM Tealeaf Customer Experience Replay Server accepts requests from any network host, not only from local renderers. Vulnerability Details: CVEID: CVE-2016-5968 DESCRIPTION: IBM Tealeaf Replay Server allows remote attackers to use one ...

5.3 CVSS | 0.6 AI score | 0.00877 EPSS
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/15 7:7 a.m. | 22 views

Security Bulletin: IBM MQ and IBM WebSphere MQ invalid requests could cause denial of service to MQXR listener (CVE-2016-8986)

Summary: Invalid HTTP requests could cause a denial of service to the IBM MQ MQXR listener. Vulnerability Details: CVEID: CVE-2016-8986 DESCRIPTION: IBM WebSphere MQ could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests...

6.5 CVSS | 0.5 AI score | 0.01041 EPSS
Exploits: 0 | Affected Software: 1