13 matches found
CVE-2023-40798
In Tenda AC23 v16.03.07.45cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability...
LevelOne WBR-6012 输入验证错误漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. The LevelOne WBR-6012 suffers from an Input Authentication Error vulnerability that originates from a series of incorrectly formatted FTP commands that can lead to a denial of service...
PT-2023-27642 · Tenda · Tenda Ac23
Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.45 cn Description: The formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. Recommendations: For Tenda AC23...
F5 BIG-IP and BIG-IQ AWS Input Validation Error Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An input authentication error vulnerability exists in F5 BIG-IP and BIG-IQ AWS, which can be exploited by unauthenticated...
Siemens SIPROTEC 5输入验证错误漏洞
Siemens SIPROTEC 5 is a multifunction relay from Siemens, Germany. Siemens SIPROTEC 5 suffers from an Input Authentication Error vulnerability that arises from incoming webpackets that are not handled correctly. An unauthenticated, remote attacker with access to any Ethernet interface could explo...
mod_auth_openidc 输入输入验证错误漏洞
modauthopenidc is a software application. It is an authentication/authorization module for the Apache 2.x HTTP server, used as an OpenID Connect dependency to authenticate users according to the OpenID Connect provider. modauthopenidc is an authentication/authorization module for the Apache 2.x...
Actions ATS2815输入验证错误漏洞
The Actions ATS2815 is a Bluetooth chip from Actions. The Actions ATS2815 suffers from an Input Authentication Error vulnerability that stems from the Bluetooth Classic implementation on the Actions ATS2815 and ATS2819 chipsets failing to correctly handle the receipt of LMPhostconnectionreq...
Intel Ethernet Controllers 输入验证错误漏洞
Intel Ethernet Controllers is an Ethernet controller from Intel Corporation USA. A security vulnerability exists in the Intel Ethernet Controllers X722 and 800 series, which stems from incorrect input authentication in the Linux RMDA driver. The vulnerability could allow an authenticated user to...
Oracle Coherence Input Validation Error Vulnerability (CNVD-2021-33847)
Oracle Coherence is an application from Oracle Corporation. It provides fast access to frequently used data to enable predictable scaling of mission-critical applications. Oracle Coherence Core 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 suffers from an Input Authentication Error...
Oracle Coherence 输入验证错误漏洞
Oracle Coherence is an application from Oracle Corporation. It provides fast access to frequently used data to enable predictable scaling of mission-critical applications. Oracle Coherence Core 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 suffers from an Input Authentication Error...
360 F5 Input Validation Error Vulnerability
The 360 F5 is a smartphone device from the Chinese company 360. The 360F5 3.1.3.64296 and lower suffers from an Input Authentication Error vulnerability that stems from a specific illegal 802.11 Null Data Frame, which causes other wireless terminals to disconnect from the wireless connection in...
Huawei 4G Router B612 Null Pointer Dereference Vulnerability
Huawei 4G Router B612 is an LTE router product from Huawei China. The product can use 4G network as a shared hotspot. A security vulnerability exists in the Huawei 4G Router B612. The vulnerability stems from the program not properly authenticating input. An unauthenticated attacker could exploit...
Cisco ASR 5000 Router GTPv2 Input Authentication Denial of Service Vulnerability
The Cisco ASR 5000 Series is a carrier-class platform for deploying high-demand 3G networks and migrating to Long Term Evolution LTE. A security vulnerability in the Cisco ASR 5000 Router allows a remote attacker to submit a special GTPv2 message to trigger an input validation error on the target...