MikroTik RouterOS Confused Deputy (CVE-2019-3924)

MikroTik RouterOS before 6.43.12 stable and 6.42.12 long-term is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for...

Tyler Odyssey 信任管理问题漏洞

Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, USA. Tyler Odyssey suffers from a security vulnerability that stems from passing unencrypted bytes from an intermediary to a client An intermediary attacker can inject an incorrect response to the...

CVE-2020-5526

The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2019-3924

MikroTik RouterOS before 6.43.12 stable and 6.42.12 long-term is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for...