58 matches found
CVE-2021-47873
VestaCP is affected in versions prior to 0.9.8-25 by a stored XSS in the IP interface configuration. The vulnerability hinges on the v_interface parameter and can be exploited by sending a crafted POST to the add/ip/ endpoint to inject scripts. This is a cross-site scripting issue with potential ...
EUVD-2026-3630
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...
PT-2026-3825
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payloa...
Vesta Control Panel (VestaCP) Cross-site Scripting Vulnerabilities
Vesta Control Panel (VestaCP) is an open-source virtual hosting control panel developed by Vesta Control Panel Inc. Versions of Vesta Control Panel (VestaCP) prior to 0.9.8-25 contained a cross-site scripting vulnerability. This vulnerability stemmed from IP interface configurations that allowed...
CVE-2025-9368 432ES-IG3 Series A Denial-of-Service Vulnerability
A security issue exists within 432ES-IG3 Series A, which affects GuardLink® EtherNet/IP Interface, resulting in denial-of-service. A manual power cycle is required to recover the device...
The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows an intruder to trigger a service failure.
The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to the incorrect processing of parameter length discrepancies. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted packets...
PT-2024-32880 · Intermesh · Intermesh 7177 Hybrid 2.0 Subscriber +1
Name of the Vulnerable Software and Affected Versions: InterMesh 7177 Hybrid 2.0 Subscriber versions prior to 8.2.12 InterMesh 7707 Fire Subscriber versions prior to 7.2.12 Description: A vulnerability has been identified that could allow an authenticated local attacker to execute arbitrary...
Security bulletin: Authentication bypass vulnerability in IBM SAN Volume Controller and Storwize Family (CVE-2012-6354)
Problem Security bulletin: Authentication bypass vulnerability in IBM SAN Volume Controller and Storwize Family CVE-2012-6354 Resolving The Problem Security Bulletin --- Summary --- Administrative access to the system via the GUI may be obtained without supplying proper credentials. Vulnerability...
Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities (CVE-2013-4310 CVE-2013-4316)
Summary Security Bulletin: IBM SAN Volume Controller and Storwize Family security vulnerabilities CVE-2013-4310 CVE-2013-4316 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system via the IP interface may be obtained without authentication. Vulnerability...
Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family (CVE-2013-2251, CVE-2013-2248 CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966 and CVE-2013-1965)
Summary Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system vi...
Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family (CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965)
Abstract Administrative access to the system via the IP interface may be obtained without authentication. Content VULNERABILITY DETAILS: CVEID: CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965 DESCRIPTION: The vulnerabilities can be exploited by a...
Denial of service
A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a...
DEBIAN-CVE-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
Remote code execution
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or execute arbitrary code with...
Reverse Engineering 4G Hotspots for fun, bugs and net financial loss
a.k.a. 4G hotspots and their Discontents You might be here because you saw our talk at Defcon 27. You might want to watch that for the full rundown! TL;DR We found multiple vulnerabilities in several well known vendors' Mi-Fi devices, including pre- and post-auth command injection and code executi...
Aerotech Ensemble Epaq PLC Detection
Binary data 763912.prm...
Security Bulletin: Intelligent Clusters Security Bulletin, 1410
Summary Security Bulletin: Intelligent Clusters Security Bulletin, 1410 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system via the IP interface may be obtained without authentication. Vulnerability Details --- CVEID: CVE-2013-4310 CVE-2013-4316 DESCRIPTION...
Successful Shell Attack Detected - Cisco 'show ip interface' Command
Binary data 6210.prm...