16 matches found
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2020-7594
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function...
EUVD-2020-28719
Malware in sbrugna...
EUVD-2023-29164
Malicious code in bioql PyPI...
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2023-25201
Cross Site Request Forgery CSRF vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload...
CVE-2023-25201
The CVE-2023-25201 case concerns MultiTech Conduit AP MTCAP2-L4E1 (868-042A) running v6.0.0. The issue is a CSRF vulnerability that allows a remote attacker to cause arbitrary code execution via a crafted script upload. The NVD entry notes a high-severity CVSS 3.1 base score of 8.8 (Network, Priv...
CVE-2020-7594
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function...
CVE-2020-7594
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function...
Input validation
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function...
CVE-2020-7594
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function...
CVE-2020-7594
The CVE-2020-7594 entry concerns MultiTech Conduit MTCDT-LVW2-24XX devices (version 1.4.17-ocea-13592). The vulnerability arises from allowing remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the inte...