Lucene search
K

183 matches found

Prion
Prion
added 2020/08/07 10:15 p.m.19 views

Default credentials

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

3.3CVSS8.8AI score0.0032EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/07 10:15 p.m.15 views

Input validation

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...

6.1CVSS6.5AI score0.00459EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/07 10:15 p.m.20 views

Authentication flaw

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.3CVSS8.8AI score0.00875EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/07 10:15 p.m.16 views

Cross site scripting

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

2.3CVSS4.4AI score0.00343EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/08/07 9:23 p.m.57 views

CVE-2020-15061

CVE-2020-15061 affects the Lindy 42633 4-Port USB 2.0 Gigabit Network Server (firmware 2.078.000). The vulnerability allows an attacker on the same network to cause a denial of service by sending excessively long input values to the device. This is a network-adjacent issue with low attack complex...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/07 9:23 p.m.18 views

CVE-2020-15061

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...

6.5AI score0.00459EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/07 9:22 p.m.15 views

CVE-2020-15060

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

4.5AI score0.00343EPSS
Exploits0References1
CVE
CVE
added 2020/08/07 9:22 p.m.61 views

CVE-2020-15060

The Lindy 42633 4-Port USB 2.0 Gigabit Network Server (firmware 2.078.000) has a persistent cross-site scripting (XSS) vulnerability. An attacker on the same network can exploit it by leveraging administrative privileges to set a crafted server name, enabling persistent XSS. The root cause is rel...

4.3CVSS4.4AI score0.00343EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/08/07 9:22 p.m.62 views

CVE-2020-15059

The CVE-2020-15059 entry concerns Lindy 42633 4-Port USB 2.0 Gigabit Network Server (firmware 2.078.000). The vulnerability enables authentication bypass via a web administration request that omits a password parameter, allowing an attacker on the same network to access privileged functions. Affe...

8.8CVSS8.8AI score0.00875EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/07 9:20 p.m.18 views

CVE-2020-15057

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values...

6.5AI score0.00459EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/07 9:18 p.m.18 views

CVE-2020-15056

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...

4.4AI score0.00343EPSS
Exploits0References1
CVE
CVE
added 2020/08/07 9:18 p.m.54 views

CVE-2020-15056

CVE-2020-15056 affects TP-Link TL-PS310U USB Network Server devices up to version 2.079.000.t0210. Affected function is the server name setting under administrative privileges, allowing an attacker on the same network to perform persistent cross-site scripting via a crafted server name. The vulne...

4.3CVSS4.3AI score0.00343EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/07 9:16 p.m.16 views

CVE-2020-15055

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...

8.9AI score0.00894EPSS
Exploits0References1
CVE
CVE
added 2020/08/07 9:16 p.m.59 views

CVE-2020-15055

CVE-2020-15055 affects TP-Link USB Network Server TL-PS310U prior to firmware version 2.079.000.t0210. The vulnerability allows an attacker on the same network to bypass authentication via a web administration request that omits a password parameter. Connected sources corroborate the model-specif...

8.8CVSS8.7AI score0.00894EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/08/07 9:14 p.m.62 views

CVE-2020-15054

Affected product: TP-Link TL-PS310U (USB Network Server). Vulnerability: Elevation of privilege due to discovery of the administrative password by sniffing unencrypted UDP traffic. Root cause / vector: Unencrypted UDP traffic enables an attacker on the same network to obtain credentials and escal...

8.8CVSS8.7AI score0.0032EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/07 9:14 p.m.20 views

CVE-2020-15054

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

8.8AI score0.0032EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/02/26 12:0 a.m.7 views

The vulnerability of the WkbProgramLow function in the WibuKey Network Server Management security tool allows a hacker to trigger a service failure.

The vulnerability of the WibuKey Network Server Management security software in the WkbProgramLow function is related to buffer overflow. Exploiting this vulnerability could allow a malicious actor to cause service interruptions and potentially execute arbitrary code, using specially crafted...

10CVSS7.5AI score0.34329EPSS
Exploits1References5Affected Software2
Prion
Prion
added 2019/02/05 11:29 p.m.18 views

Heap overflow

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigg...

7.5CVSS9.7AI score0.34329EPSS
Exploits1References5Affected Software2
NVD
NVD
added 2019/02/05 11:29 p.m.28 views

CVE-2018-3991

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigg...

10CVSS9.8AI score0.34329EPSS
Exploits1References5
Talos
Talos
added 2019/01/28 12:0 a.m.231 views

WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability

Summary An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet ...

10CVSS9.9AI score0.34329EPSS
Exploits1
Rows per page
Query Builder