14 matches found
EUVD-2018-9315
Malware in sbrugna...
EUVD-2002-1610
Malware in sbrugna...
EUVD-2005-4045
Malware in sbrugna...
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
Sql injection
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
CVE-2018-17562 affects Multi-Tech FaxFinder prior to 5.1.6. The flaw is a SQL Injection through a URI endpoint (status/call_details?oid=), enabling an attacker to extract the underlying database schema and reveal other fax server information via additional injection points. Documented CVSS detail...
CVE-2005-4050
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol SIP packet...
CVE-2005-4050
CVE-2005-4050 describes a buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08. The vulnerability arises from processing a long SIP INVITE field, allowing a remote attacker to execute arbitrary code. Affected product family: MultiVOIP devices (vendor: Multi-T...
CVE-2005-4050
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol SIP packet...
CVE-2002-1629
Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP...
CVE-2002-1629
CVE-2002-1629 affects multiple MultiTech ProxyServer models (MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, MTPSR3-200). The issue is caused by a default/null password on the remote administration account (supervisor), allowing remote attackers to gain administrative privileges via Telnet or H...
Multi-Tech ProxyServers ship with null password for administrative access
Overview Some versions of the Multi-Tech ProxyServer products ship without a default password for the administrative interface. Description Some versions of the Multi-Tech ProxyServer products ships without a default password for the administrative interface permitting unauthenticated access via...
CVE-2002-1629
Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP...