EUVD-2015-9105

Malware in sbrugna...

CVE-2025-34121

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

CVE-2025-34121

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

Idera Up.Time Monitoring Station 安全漏洞

Idera Up.Time Monitoring Station is a cross-platform server monitoring software from Idera USA. A security vulnerability exists in Idera Up.Time Monitoring Station version 7.2 and earlier, which originates from an arbitrary file upload and could lead to remote code execution...

PT-2025-29884 · Idera · Idera Up.Time Monitoring Station

Name of the Vulnerable Software and Affected Versions: Idera Up.Time Monitoring Station versions up to and including 7.2 Description: An unauthenticated arbitrary file upload issue exists. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP...

Design/Logic Flaw

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

The CVE-2015-9263 entry concerns Idera Up.Time Monitoring Station (versions up to 7.5.0 build 16 and 7.4.0 build 13) where the post2file.php upload mechanism allows uploading arbitrary files (e.g., PHP) to the webroot. The underlying issue is an unauthenticated arbitrary file upload that can lead...

PT-2018-4572 · Uptime · Up.Time Monitoring Station

Name of the Vulnerable Software and Affected Versions: Up.Time Monitoring Station versions 7.4.0 build 13 through 7.5.0 build 16 Description: An issue in post2file.php allows an attacker to upload arbitrary files, including .php files that can execute arbitrary OS commands. Recommendations: For...

CVE-2017-9658

Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this...

Input validation

Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this...

CVE-2017-9657

Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40 Version B.06.18 WLAN monitor to the central monitoring station is possible. In this state, the central monitoring station can indicate the MX40 is not connected or associated to the central monitor,...

CVE-2017-9657

Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40 Version B.06.18 WLAN monitor to the central monitoring station is possible. In this state, the central monitoring station can indicate the MX40 is not connected or associated to the central monitor,...

CVE-2017-9657

The CVE-2017-9657 entry describes an 802.11 WLAN issue in Philips IntelliVue MX40 (Version B.06.18) where partial re-association to the central monitor can leave the MX40 in telemetry mode while the central station expects local monitoring, potentially delaying alarms. Root causes cited include I...

CVE-2017-9657

Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40 Version B.06.18 WLAN monitor to the central monitoring station is possible. In this state, the central monitoring station can indicate the MX40 is not connected or associated to the central monitor,...

Unspecified Vulnerability in Philips' IntelliView MX40 Patient Worn Monitor

The MX40 Patient Worn Monitor is primarily used as a traditional telemetry medical device as part of a surveillance and alarm system. Under certain 802.11 network conditions, it is possible to partially re-associate the MX40 WLAN Monitor to a central monitoring station. In this state, the central...

Unspecified Vulnerability in Philips' IntelliView MX40 Patient Worn Monitor (CNVD-2017-26427)

The MX40 Patient Worn Monitor is primarily used as a traditional telemetry medical device as part of a surveillance and alarm system. Under certain 802.11 network conditions, when hospital staff reset the device and re-establish it to a Wi-Fi access point, the MX40 can connect to an alternate...

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file...