[SECURITY] Fedora 42 Update: miniupnpd-2.3.10-1.fc42

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

EUVD-2017-16899

Malware in sbrugna...

CVE-2025-21594

An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe packet forwarding engine of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service DoS. In a DS-Lite Dual-Stack Lite and NAT Network Address Translation scenario...

The vulnerability of the setNatConfig function in the /Interface/DevManage/VM.php file of the urban terminal software allows a violator to execute arbitrary commands.

The vulnerability of the setNatConfig function in the /Interface/DevManage/VM.php file of the urban terminal microprogramming system for intelligent traffic control of Uniview ISC 2500-S exists due to the lack of measures to neutralize special elements used in the operating system commands...

Exploit for OS Command Injection in Control-Webpanel Webpanel

Docs Paper : https://docs.google.com/document/d/1rQ7e9i2AFzHbASf...

Unbreakable Enterprise kernel security update

4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...

Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622 Improper Access Control (CVE-2017-7928)

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...

The vulnerability of the NAT Port Mapping Protocol implementation in the TP-Link M7350 router’s microprogramming software arises from the failure to take measures to eliminate special elements used in the operating system commands. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of the NAT Port Mapping Protocol NAT-PMP implementation of TP-Link’s M7350 router software exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVE-2017-7928

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...

Improper access control

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...

CVE-2017-7928

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...

CVE-2017-7928

The CVE-2017-7928 issue affects SEL-3620 and SEL-3622 Security Gateway devices (firmware R202, R203, R203-V1/V2, R204, R204-V1). Root cause: improper access control when NAT port forwarding is configured, potentially permitting unauthorized communications to downstream devices. Impact: could enab...

CVE-2017-7928

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...

Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622

CVSS v3 7.2 ATTENTION: Remotely exploitable/Low skill level to exploit. Vendor: Schweitzer Engineering Laboratories, Inc. SEL Equipment: SEL-3620, SEL-3622 Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of SEL-3620 and SEL-3622, an Ethernet Security Gateway, are...

Huawei HG532n - Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...

Huawei HG532n Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...

Huawei HG532n Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used her...

Huawei HG532n Command Injection

This module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose...

D-Link Router Vulnerable to Reflected, Stored XSS

D-Link’s 2760N DSL-2760U-BN routers allegedly contain a number of stored and reflective cross-site scripting XSS vulnerabilities. Researcher Liad Mizrachi said he contacted D-Link to disclose the details of the bugs to them on six separate occasions – twice in August, twice in September, and once...

nat-pmp-info NSE Script

Gets the routers WAN IP using the NAT Port Mapping Protocol NAT-PMP. The NAT-PMP protocol is supported by a broad range of routers including: Apple AirPort Express Apple AirPort Extreme Apple Time Capsule DD-WRT OpenWrt v8.09 or higher, with MiniUPnP daemon pfSense v2.0 Tarifa firmware Linksys...