Lucene search
K

49 matches found

0day.today
0day.today
added 2023/10/02 12:0 a.m.288 views

Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vulnerability

Electrolink FM/DAB/TV Transmitter allows access to an unprotected endpoint that allows an MPFS File System binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial Flash, or intern...

7.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2023/09/30 12:0 a.m.322 views

Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution

Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...

8.7CVSS6AI score0.00553EPSS
Exploits1
Prion
Prion
added 2018/08/23 2:29 p.m.21 views

Design/Logic Flaw

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger...

8.5CVSS8.9AI score0.01656EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/08/23 2:29 p.m.4 views

CVE-2018-3832

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger...

9CVSS5.9AI score0.01656EPSS
Exploits1References2
NVD
NVD
added 2018/08/23 2:29 p.m.18 views

CVE-2018-3832

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger...

9.9CVSS9.1AI score0.01656EPSS
Exploits1References2
CVE
CVE
added 2018/08/23 2:0 p.m.102 views

CVE-2018-3832

Summary: Insteon Hub with firmware 1013 is vulnerable to an MPFS upload flaw. The HTTP server accepts uploading arbitrary MPFS binaries via /mpfsupload and can trigger unsigned firmware updates via firmware.htm, allowing full firmware flashing with no signature checks. Credentials are required to...

9.9CVSS8.9AI score0.01656EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/08/23 2:0 p.m.29 views

CVE-2018-3832

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger...

9.9CVSS9.1AI score0.01656EPSS
Exploits1References1
seebug.org
seebug.org
added 2018/06/22 12:0 a.m.64 views

Insteon Hub MPFS Upload Firmware Update Vulnerability(CVE-2018-3832)

Summary An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To...

0.1AI score0.01656EPSS
Exploits1
Talos
Talos
added 2018/06/19 12:0 a.m.582 views

Insteon Hub MPFS Upload Firmware Update Vulnerability

Summary An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To...

9.9CVSS9.2AI score0.01656EPSS
Exploits1
Rows per page
Query Builder