35 matches found
EUVD-2020-28756
Malware in sbrugna...
VulnCheck KEV: CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2020-7824
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
Design/Logic Flaw
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824 Ericssonlg iPECS Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824
CVE-2020-7824 affects Ericsson iPECS web-based management interface. The issue arises from insecure permission handling of session cookies, enabling an authenticated, remote attacker to modify a cookie value and obtain administrator privileges. Reported impact includes access to sensitive device ...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
CVE-2018-15138 affects Ericsson-LG iPECS NMS 30M and is a Local File Inclusion vulnerability exposed through the ipecs-cm/download?filename=../ URI, enabling an attacker to read sensitive files on the target. The issue is categorized as directory traversal/LFI; CVSS data in the connected sources ...
iPECS (Ericsson-LG) CM Detection (HTTP)
HTTP based detection of iPECS an Ericsson-LG brand CM. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ericson-LG iPECS NMS 30M Directory Traversal Vulnerability
The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A directory traversal vulnerability exists in Ericsson-LG iPECS NMS 30M. An attacker can exploit the vulnerability to directly download configuration files...
Ericsson-LG iPECS NMS 30M - Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M System Authentication Required: No Tested on: Linux CVE: N/A Description The directory...
LG-Ericsson iPECS NMS 30M Directory Traversal
Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M System Authentication Required: No Tested on: Linux CVE: N/A Description The directory traversal was detected on LG-Ericsson's iPECS product...
LG-Ericsson iPECS NMS 30M - Directory Traversal
LG-Ericsson iPECS NMS 30M - Directory Traversal Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M-B.2Ia and 30M-2.3Gn Authentication Required: No Tested on: Linux CVE: N/A Description The...
Ericsson-LG iPECS NMS A.1Ac Credential Disclosure
-- coding: utf-8 -- Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump Vendor Notification: 03-03-2018 - No response Initial CVE: 04-04-2018 Disclosure: 21-04-2018 Exploit Author: Berk Cem GAPksel Contact: twitter.com/berkcgoksel || bgoksel.com Vendor Homepage: http://www.ipecs.com/...
iPECS (Ericsson-LG) NMS Detection (HTTP)
HTTP based detection of iPECS an Ericsson-LG brand NMS. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ericson-LG iPECS NMS Information Disclosure Vulnerability
The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A security vulnerability exists in the web application in Ericsson-LG iPECS NMS version A.1Ac. The vulnerability can be exploited by an attacker to obtain sensitive information e.g., NMS admin credentials and...
Ericson-LG iPECS NMS SQL Injection Vulnerability
The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A SQL injection vulnerability exists in the User ID and password fields of the login portal in Ericsson-LG iPECS NMS version A.1Ac. A remote attacker can exploit this vulnerability to bypass the login page and...