113 matches found
CVE-2023-34394 Keysight N6845A Relative Path Traversal
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition...
KeySight N6841A RF Sensor deleteFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
KeySight N6841A RF Sensor smsRestoreDatabaseZip Exposed Dangerous Function Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
KeySight N6841A RF Sensor removeLicenseFile Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Keysight Technologies N6854A Geolocation server 代码问题漏洞
Keysight Technologies N6854A Geolocation server is a geolocation server from Keysight Technologies, Inc. A security vulnerability exists in Keysight Geolocation Server v2.4.2 and prior versions, which stems from improper path validation and allows an attacker to upload a specially crafted malicio...
KeySight N6841A RF Sensor deleteEmbeddedApp Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
KeySight N6841A RF Sensor addFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
The vulnerability of Keysight N6854A geolocation server microprogramming software relates to the use of dangerous methods or functions that allow a intruder to execute arbitrary code.
The vulnerability of Keysight N6854A geolocation server microprogramming software is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a attacker to execute arbitrary code using a specially crafted ZIP file...
The vulnerability of Keysight N6854A geolocation server microprogramming software, related to errors in processing the relative path to the catalog, allows a intruder to execute arbitrary code.
The vulnerability of Keysight N6854A geolocation server microprogramming software is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
Keysight N6845A Geolocation Server
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Keysight Technologies Equipment: N6854A Geolocation Server Vulnerabilities: Exposed Dangerous Method or Function, Relative Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
PT-2023-3574 · Keysight · Keysight Geolocation Server
Name of the Vulnerable Software and Affected Versions: Keysight Geolocation Server versions 2.4.2 and prior Description: The issue is related to improper path validation, which could allow an attacker to upload a specially crafted malicious file or delete any file or directory with SYSTEM...
Exploit for CVE-2023-2986
Original Proof of Concept for CVE-2023-2986 Proof of Concept...
KeySight N6841A RF Sensor LAHttpInvokerServiceExporter Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
KeySight N8844A Data Analytics Web Service Unmarshal Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N8844A Data Analytics Web Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Unmarshal function. The issue results from the lack of...
CVE-2023-1967
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...
CVE-2023-1967
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...
Design/Logic Flaw
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...
CVE-2023-1967 CVE-2023-1967
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...
CVE-2023-1967
Keysight N8844A Data Analytics Web Service is affected by CVE-2023-1967 due to deserialization of untrusted data without sufficient validation, which can lead to remote code execution. Affected product group includes N8844A Data Analytics Web Service (version 2.1.7351 and prior) with additional a...
CVE-2023-1967 CVE-2023-1967
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...