OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...

EUVD-2008-1263

Malware in sbrugna...

CVE-2024-54450

An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is received during authentication, the Kurmi application will record the possibly forged IP address mentioned in that header rather than the real IP address that the user logged in from. This fake IP addres...

CVE-2023-7211

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an...

CVE-2023-7211

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an...

Design/Logic Flaw

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an...

CVE-2023-7211

CVE-2023-7211 affects Uniway Router 2.0, specifically the Administrative Web Interface. The vulnerability arises from unknown code in that component, causing authentication to rely on the client’s IP address. The issue enables remote exploitation with high impact across confidentiality, integrity...

CVE-2023-7211 Uniway Router Administrative Web Interface reliance on ip address for authentication

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an...

CVE-2023-7211 Uniway Router Administrative Web Interface reliance on ip address for authentication

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an...

Uniway Router Security Vulnerability

Uniway Router is a series of routers from Uniway USA. A security vulnerability exists in Uniway Router version 2.0, which stems from unknown code in the component Administrative Web Interface, resulting in a dependency on an IP address for authentication...

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: HTTP Request Smuggling, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these...

EUVD-2012-5736

Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address for authentication, which allows remote man-in-the-middle attackers to read arbitrary phone contents by spoofing or controlling the IP address...

3Com AP8760 authentication bypass

After initial password check autnentication is IP-address only...

Predictable TCP Initial Sequence Numbers

Title: NetScreen Security Alert 51897 Date: 25 November 2002 Description: Predictable TCP Initial Sequence Numbers Impact: Circumvention of Defined Security Policies Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0 Summar...