36 matches found
EUVD-2020-28756
Malware in sbrugna...
VulnCheck KEV: CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2020-7824
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
Design/Logic Flaw
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824
CVE-2020-7824 affects Ericsson iPECS web-based management interface. The issue arises from insecure permission handling of session cookies, enabling an authenticated, remote attacker to modify a cookie value and obtain administrator privileges. Reported impact includes access to sensitive device ...
CVE-2020-7824 Ericssonlg iPECS Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
CVE-2018-15138
CVE-2018-15138 affects Ericsson-LG iPECS NMS 30M and is a Local File Inclusion vulnerability exposed through the ipecs-cm/download?filename=../ URI, enabling an attacker to read sensitive files on the target. The issue is categorized as directory traversal/LFI; CVSS data in the connected sources ...
Ericson-LG iPECS NMS 30M Directory Traversal Vulnerability
The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A directory traversal vulnerability exists in Ericsson-LG iPECS NMS 30M. An attacker can exploit the vulnerability to directly download configuration files...
iPECS (Ericsson-LG) CM Detection (HTTP)
HTTP based detection of iPECS an Ericsson-LG brand CM. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ericsson-LG iPECS NMS 30M - Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M System Authentication Required: No Tested on: Linux CVE: N/A Description The directory...
LG-Ericsson iPECS NMS 30M - Directory Traversal
LG-Ericsson iPECS NMS 30M - Directory Traversal Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M-B.2Ia and 30M-2.3Gn Authentication Required: No Tested on: Linux CVE: N/A Description The...
LG-Ericsson iPECS NMS 30M Directory Traversal
Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M System Authentication Required: No Tested on: Linux CVE: N/A Description The directory traversal was detected on LG-Ericsson's iPECS product...
The vulnerability of the web portal for managing the Ericsson-LG iPECS NMS allows a hacker to bypass authentication procedures and execute arbitrary code.
The vulnerability of the Ericsson-LG iPECS NMS network management portal is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures and execute arbitrary code using parameters “id” and...
Ericsson-LG iPECS NMS A.1Ac Credential Disclosure
-- coding: utf-8 -- Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump Vendor Notification: 03-03-2018 - No response Initial CVE: 04-04-2018 Disclosure: 21-04-2018 Exploit Author: Berk Cem GAPksel Contact: twitter.com/berkcgoksel || bgoksel.com Vendor Homepage: http://www.ipecs.com/...
iPECS (Ericsson-LG) NMS Detection (HTTP)
HTTP based detection of iPECS an Ericsson-LG brand NMS. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ericson-LG iPECS NMS SQL Injection Vulnerability
The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A SQL injection vulnerability exists in the User ID and password fields of the login portal in Ericsson-LG iPECS NMS version A.1Ac. A remote attacker can exploit this vulnerability to bypass the login page and...