35 matches found
EUVD-2021-14593
Malware in sbrugna...
EUVD-2021-14594
Malware in sbrugna...
FatPipe MPVPN Web Detection
Binary data fatpipempvpnwebdetect.nbin...
FatPipe MPVPN < 10.1.2r60p92 / 10.2.2 < 10.2.2r44p1 Configuration File Upload (CVE-2021-27860)
According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is 10.1.2r60p92 or 10.2.2 10.2.2r44p1. It is, therefore, affected by a configuration file upload vulnerability that could allow a remote attacker to upload a file to any location on the filesyst...
FatPipe MPVPN < 10.1.2r60p91 / 10.2.2 < 10.2.2r42 Multiple Vulnerabilities
According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is 10.1.2r60p91 or 10.2.2 10.2.2r42. It is, therefore, affected by multiple vulnerabilities, including: - FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42...
VulnCheck KEV: CVE-2021-27856
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA002...
VulnCheck KEV: CVE-2021-27860
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem...
FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem...
FatPipe WARP, IPVPN and MPVPN authorization vulnerabilities
FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover due to a WAN component or service failure that results in a data line connection outage.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN that stems from a lack of...
FatPipe WARP, IPVPN and MPVPN have unspecified vulnerabilities
FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover due to the failure of a WAN component or service resulting in the loss of data line connectivity.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN, which stems from t...
FatPipe WARP, IPVPN and MPVPN have unspecified vulnerabilities (CNVD-2021-101931)
FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover as a result of a WAN component or service failure resulting in a data line connection outage.FatPipe WARP, IPVPN and MPVPN have a security vulnerability that could be exploited by a...
CVE-2021-27859
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges. Older versions of...
CVE-2021-27855
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this...
Authorization
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at least the URL "/fpui/jsp/index.jsp" leading to unknown impact, presumably some violation of...
Design/Logic Flaw
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this...
Authorization
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges. Older versions of...
CVE-2021-27859
CVE-2021-27859 (FatPipe WARP/IPVPN/MPVPN) is a missing authorization vulnerability in the web management interface that allows an authenticated, read-only user to create an administrative account. Affected versions are FatPipe software prior to 10.1.2r60p91 and 10.2.2 prior to r42; older FatPipe ...
CVE-2021-27857
CVE-2021-27857 describes a missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN. Before versions 10.1.2r60p91 and 10.2.2r42, remote unauthenticated attackers can download a configuration archive, with the hostname used as part of the file name. Old...
CVE-2021-27856
CVE-2021-27856 affects FatPipe WARP/IPVPN/MPVPN software prior to 10.1.2r60p91 and 10.2.2r42. A backdoor admin account named “cmuser” exists with no password, enabling unauthenticated administrative access and potential full device compromise. Connected sources consistently describe the issue as ...
CVE-2021-27855
CVE-2021-27855 affects FatPipe WARP/IPVPN/MPVPN software prior to 10.1.2r60p91 and 10.2.2r42. The vulnerability allows a remote, authenticated user with read-only privileges to elevate to administrative privileges via a privileged action (HTTP/JSON parameter manipulation). Affected versions inclu...