CVE-2023-43742

The CVE affects Zultys MX-Series IP endpoints (MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, MX30). The flaw is an authentication bypass caused by a protection mechanism failure in the authentication function: if the administrator client ignores a login failure and keeps sending requests on port 7505...

CVE-2023-43743

CVE-2023-43743 describes a SQL injection in Zultys MX-Series: MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30. The vulnerability allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to the /newapi/ endpoint of the Zultys...

CVE-2023-43744

CVE-2023-43744 affects Zultys MX-Series devices (MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, MX30) with firmware older than 17.0.10 patch 17161 or 16.04 patch 16109. The vulnerability is an OS command injection where the user-supplied patch file name in the Patch Manager is passed to a shell script...

CVE-2011-1623

Cisco Media Processing Software before 1.2 on Media Experience Engine MXE 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via 1 the local console, 2 an SSH session, or 3 a TELNET session, aka Bug ID CSCto77737...