13 matches found
CVE-2025-34229
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind server-side request forgery SSRF vulnerability reachable via the /var/www/app/consolerelease/hp/installApp.php script that can be...
CVE-2025-34229
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind server-side request forgery SSRF vulnerability reachable via the /var/www/app/consolerelease/hp/installApp.php script that can be...
CVE-2025-34229 Vasion Print (formerly PrinterLogic) Blind SSRF via HP installApp.php
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind server-side request forgery SSRF vulnerability reachable via the /var/www/app/consolerelease/hp/installApp.php script that can be...
CVE-2025-34229
Vulsion: Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413 contain a blind SSRF via /var/www/app/console_release/hp/installApp.php. An unauthenticated attacker can cause the system to request internal host addresses (built as http://:...
CVE-2025-34229 Vasion Print (formerly PrinterLogic) Blind SSRF via HP installApp.php
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind server-side request forgery SSRF vulnerability reachable via the /var/www/app/consolerelease/hp/installApp.php script that can be...
Siemens RUGGEDCOM ROX Improper Neutralization of Special Elements Used in a Command (CVE-2023-36751)
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
VulnCheck KEV: CVE-2023-36847
Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...
Siemens RUGGEDCOM ROX 系列多款产品 命令注入漏洞
RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A command injection vulnerability exists in the Siemens RUGGEDCOM ROX, which stems from a lack of server-side input validation, making the install-app...
MAL-2022-6190 Malicious code in sncicd-install-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9077b8460d852a9b8afdc2a831fdb0f74e227b48f17f85ddb7ee0da67efa489c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sncicd-install-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9077b8460d852a9b8afdc2a831fdb0f74e227b48f17f85ddb7ee0da67efa489c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Xiaomi MIUI Information Disclosure Vulnerability
Xiaomi MIUI is a set of Android-based smartphone operating systems developed by China's Xiaomi Technology Xiaomi. An information disclosure vulnerability exists in Xiaomi MIUI version 11.0.5.0.QFAEUXM. The vulnerability can be exploited by an attacker with an NFC tool to install an application an...
CVE-2017-6201
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203. A remote attacker may exploit this issue by providing a URL. It could bypass access control such as firewalls that prevent the attackers from accessing the URLs directly...
Server side request forgery (ssrf)
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203. A remote attacker may exploit this issue by providing a URL. It could bypass access control such as firewalls that prevent the attackers from accessing the URLs directly...