7 matches found
EUVD-2022-39486
Malicious code in bioql PyPI...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2022-36786
DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers Network Time Protocol via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router...
CVE-2022-36786 DLINK - DSL-224 Post-auth RCE.
DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers Network Time Protocol via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router...