Design/Logic Flaw

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 28.08.06.1 contains the administrator account password in plaintext. The page can be intercepted on HTTP...

CVE-2021-28937

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 28.08.06.1 contains the administrator account password in plaintext. The page can be intercepted on HTTP...

CVE-2021-28937

Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to a password disclosure through its web management interface. The NUCLEI template for CVE-2021-28937 notes that the /password.html page stores the administrator password in plaintext and can be intercepted over HTTP, enabling potential access ...

Amazon Acexy Wireless-N WiFi Repeater REV 安全漏洞

Amazon Acexy Wireless-N WiFi Repeater REV is an Amazon.com, Inc. It is used to provide network services A security vulnerability exists in Acexy Wireless-N WiFi Repeater REV 1.0, which originates from a plaintext password containing the administrator account. It is possible to intercept the page ...

CVE-2021-25368

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

Security feature bypass

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

CVE-2021-25368

The vulnerability CVE-2021-25368 affects Samsung Cloud prior to version 4.7.0.3. Affected component: Samsung Cloud application; issue described as a hijacking vulnerability that allows an attacker to intercept during the provider’s execution. Root cause details are not provided in the connected d...

CVE-2021-25368

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

Cisco Jabber Certificate Validation Vulnerability

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. Cisco Jabber suffers from a certificate validation vulnerability that can be exploited by an attacker to be able to inspect or modify the...

CVE-2021-1411

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1411 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Cisco Jabber 信任管理问题漏洞

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. Cisco Jabber suffers from a certificate validation vulnerability that can be exploited by an attacker to be able to inspect or modify the...

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Exploit Title: SOYAL Biometric Access Control System 5.0 - Master Code Disclosure Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affect...

CVE-2019-18231

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...

Server side request forgery (ssrf)

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...

The vulnerability of the Netlify domain controller, related to improperly configured DNS records, allows attackers to intercept cookie files, bypass Content Security Policy (CSP) security policies, Cross-Origin Resource Sharing (CORS) mechanisms, and gain unauthorized access to protected information.

The vulnerability of the Netlify domain controller implementation is related to improperly configured DNS records. Exploiting this vulnerability allows a malicious actor to intercept cookie files, bypass security mechanisms like CSP, Cross-Origin Resource Sharing CORS, and gain unauthorized acces...