16 matches found
EUVD-2023-40612
Malicious code in bioql PyPI...
EUVD-2023-40613
Malicious code in bioql PyPI...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
Command injection
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36669
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
Authentication flaw
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36669
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
PT-2023-25672 · Kratos · Kratos Ngc-Idu
Name of the Vulnerable Software and Affected Versions: Kratos NGC-IDU version 9.1.0.4 Description: A remotely exploitable command injection issue was discovered, allowing an attacker to execute arbitrary Linux commands as root by sending crafted TCP requests to the device. Recommendations: For...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
CVE-2023-36670 affects Kratos NGC-IDU 9.1.0.4. The connected documents describe a remote command-injection vulnerability that allows an attacker to execute arbitrary Linux commands as root by sending crafted TCP requests to the device. The root cause and exact vulnerable component are tied to the...
CVE-2023-36669
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
CVE-2023-36669
CVE-2023-36669 (Kratos NGC IDU) affects Kratos NGC Indoor Unit prior to 11.4, where missing authentication for a critical function allows remote attackers with layer-3 network access to impersonate the Touch Panel Unit (TPU) by sending crafted TCP requests, granting arbitrary control of the IDU/O...