11 matches found
EUVD-2023-43507
Malicious code in bioql PyPI...
EUVD-2023-43508
Malicious code in bioql PyPI...
Sql injection
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
Hardcoded credentials
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the vulnerability discoverer...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
CVE-2023-39807
CVE-2023-39807 affects N.V.K. INTER CO., LTD. iBSG v3.5. The vulnerability is a SQL injection via the a_passwd parameter in the /portal/user-register.php endpoint, enabling potential unauthorized data access or manipulation. The CVSS v3.1 metrics indicate a high-severity, network-exposed issue wi...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain an OS command injection vulnerability via shell metacharacters in the systemhostname parameter at /manage/network-basic.php...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain an OS command injection vulnerability via shell metacharacters in the systemhostname parameter at /manage/network-basic.php...
CVE-2023-39808
CVE-2023-39808 affects N.V.K. INTER iBSG v3.5. The vulnerability stems from a hardcoded root password, enabling an attacker to log in with root privileges over SSH. Public sources corroborate the issue and assign a high severity (CVSSv3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No exploitatio...