Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from an unvalidated check to ensure that the UE security...

BIT-HUBBLE-UI-2024-25631

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who have enabled an external kvstore and Wireguard transparent encryption, traffic between pods in the affected cluster is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and...

CVE-2023-25186

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

Path traversal

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell which is by default disabled...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

CVE-2023-25185

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded operating syst...

Code injection

A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possibl...

CVE-2023-26062

Nokia Web Element Manager before 22 R1 is affected by an internal fault allowing an authenticated, unprivileged user to execute administrative functions. Exploitation is restricted to the CSP mobile network solution internal BTS management network and is not possible from mobile devices, roaming ...

CVE-2023-26062

A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possibl...

CVE-2023-26062

A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possibl...

AC centralized management platform has information leakage vulnerability

Ltd. is a network total solution and smart home solution provider. There is an information leakage vulnerability in AC centralized management platform, which can be exploited by attackers to obtain sensitive information...

Logic Flaw Vulnerability in SG2126F at Shanghai Atech Technology Co.

Atech is a small and medium-sized network solution provider and service provider in China. Ltd. SG2126F has a logic flaw vulnerability that can be exploited by an attacker to successfully bypass login authentication by modifying the return value of request...

Weak Password Vulnerability in Intelligent AC Authorization Centralized Management Platform of Shenzhen Vimax Technology Co.

Ltd. is a network total solution and smart home solution provider. Ltd. smart AC authorization centralized management platform has a weak password vulnerability, which can be exploited by attackers to log into the system...

Cisco SD-WAN Solution Buffer Overflow Vulnerability (CNVD-2020-19235)

Cisco SD-WAN Solution is a set of network extension solutions from Cisco. A buffer overflow vulnerability exists in Cisco SD-WAN Solution Releases prior to 19.2.2, which stems from a failure to adequately validate input. A local attacker could exploit this vulnerability by sending specially craft...

Cisco SD-WAN Solution Command Injection Vulnerability (CNVD-2019-19047)

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. the CLI is a command line interface. A command injection vulnerability exists in the vManage Web UI in Cisco SD-WAN Solution versions prior to 18.4.0, which stems from the program failing to perform sufficient input...

Part of the middleware vulnerability summary-vulnerability warning-the black bar safety net

! Do the spectators for a long time, found that there has been no better middleware vulnerability of the summary of the article, just recently doing this to learn, this only summarizes a small portion of the middleware common vulnerabilities for learning reference, follow-up will complement the...

foodnetworksolution.com XSS vulnerability

Open Bug Bounty ID: OBB-703077 Description| Value ---|--- Affected Website:| foodnetworksolution.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

CVE-2010-2983

The workgroup bridge aka WGB functionality in Cisco Unified Wireless Network UWN Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service dropped connection via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374...