Lucene search
K

113 matches found

Cvelist
Cvelist
added 2023/07/19 9:55 p.m.27 views

CVE-2023-34394 Keysight N6845A Relative Path Traversal

In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition...

7.8CVSS8AI score0.00239EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/19 12:0 a.m.18 views

KeySight N6841A RF Sensor deleteFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.1AI score0.00239EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/19 12:0 a.m.22 views

KeySight N6841A RF Sensor smsRestoreDatabaseZip Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.2AI score0.002EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/19 12:0 a.m.17 views

KeySight N6841A RF Sensor removeLicenseFile Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.1AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/19 12:0 a.m.4 views

Keysight Technologies N6854A Geolocation server 代码问题漏洞

Keysight Technologies N6854A Geolocation server is a geolocation server from Keysight Technologies, Inc. A security vulnerability exists in Keysight Geolocation Server v2.4.2 and prior versions, which stems from improper path validation and allows an attacker to upload a specially crafted malicio...

7.8CVSS7.3AI score0.00239EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2023/07/19 12:0 a.m.18 views

KeySight N6841A RF Sensor deleteEmbeddedApp Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.1AI score0.00239EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/19 12:0 a.m.18 views

KeySight N6841A RF Sensor addFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.1AI score0.00239EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/19 12:0 a.m.6 views

The vulnerability of Keysight N6854A geolocation server microprogramming software relates to the use of dangerous methods or functions that allow a intruder to execute arbitrary code.

The vulnerability of Keysight N6854A geolocation server microprogramming software is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a attacker to execute arbitrary code using a specially crafted ZIP file...

7.8CVSS7.6AI score0.002EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/19 12:0 a.m.7 views

The vulnerability of Keysight N6854A geolocation server microprogramming software, related to errors in processing the relative path to the catalog, allows a intruder to execute arbitrary code.

The vulnerability of Keysight N6854A geolocation server microprogramming software is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...

7.8CVSS7.6AI score0.00239EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2023/07/18 6:0 a.m.48 views

Keysight N6845A Geolocation Server

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: Keysight Technologies ​Equipment: N6854A Geolocation Server ​Vulnerabilities: Exposed Dangerous Method or Function, Relative Path Traversal 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could allow...

7.8CVSS8.7AI score0.00239EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.5 views

PT-2023-3574 · Keysight · Keysight Geolocation Server

Name of the Vulnerable Software and Affected Versions: Keysight Geolocation Server versions 2.4.2 and prior Description: The issue is related to improper path validation, which could allow an attacker to upload a specially crafted malicious file or delete any file or directory with SYSTEM...

7.8CVSS7.6AI score0.00239EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2023/06/09 5:44 p.m.509 views

Exploit for CVE-2023-2986

Original Proof of Concept for CVE-2023-2986 Proof of Concept...

9.8CVSS9.6AI score0.41077EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2023/05/01 12:0 a.m.20 views

KeySight N6841A RF Sensor LAHttpInvokerServiceExporter Deserialization of Untrusted Data Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS9.1AI score0.00785EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/01 12:0 a.m.27 views

KeySight N8844A Data Analytics Web Service Unmarshal Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N8844A Data Analytics Web Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Unmarshal function. The issue results from the lack of...

9.8CVSS9.4AI score0.00799EPSS
Exploits0References1
NVD
NVD
added 2023/04/27 10:15 p.m.32 views

CVE-2023-1967

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...

9.8CVSS9.6AI score0.00799EPSS
Exploits0References1
OSV
OSV
added 2023/04/27 10:15 p.m.4 views

CVE-2023-1967

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...

9.8CVSS7.3AI score0.00799EPSS
Exploits0References1
Prion
Prion
added 2023/04/27 10:15 p.m.14 views

Design/Logic Flaw

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...

7.5CVSS9.4AI score0.00799EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/27 9:37 p.m.8 views

CVE-2023-1967 CVE-2023-1967

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...

6.9AI score0.00799EPSS
Exploits0References1
CVE
CVE
added 2023/04/27 9:37 p.m.88 views

CVE-2023-1967

Keysight N8844A Data Analytics Web Service is affected by CVE-2023-1967 due to deserialization of untrusted data without sufficient validation, which can lead to remote code execution. Affected product group includes N8844A Data Analytics Web Service (version 2.1.7351 and prior) with additional a...

9.8CVSS9.6AI score0.00799EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/27 9:37 p.m.39 views

CVE-2023-1967 CVE-2023-1967

Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...

9.6AI score0.00799EPSS
Exploits0References1
Rows per page
Query Builder