44 matches found
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000161022)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161022 advisory. Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network...
EUVD-2026-29992
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems. Note: Software versions which have...
CVE-2026-41959
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems. Note: Software versions which have...
CVE-2026-41959
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems. Note: Software versions which have...
CVE-2026-41959
CVE-2026-41959 affects BIG-IP/BIG-IQ TMOS Shell (tmsh) network diagnostics and iControl REST. Root cause: incorrect permission assignments allow an authenticated user to view destination systems’ network status. Impact: control-plane exposure (viewing network status) with no data-plane exposure; ...
CVE-2026-41959 iControl and tmsh REST vulnerability
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems. Note: Software versions which have...
K000161022: iControl REST and tmsh vulnerability CVE-2026-41959
Security Advisory Description Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems...
F5 BIG-IP和F5 BIG-IQ 安全漏洞
F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...
CVE-2025-14186
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...
EUVD-2025-201595
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...
CVE-2025-14186 Grandstream GXP1625 Network Status api.values.post cross site scripting
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...
CVE-2025-14186 Grandstream GXP1625 Network Status api.values.post cross site scripting
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...
CVE-2025-14186
CVE-2025-14186 affects Grandstream GXP1625 (firmware 1.0.7.4). The flaw is in the Network Status Page, file /cgi-bin/api.values.post, where manipulating the vpn_ip parameter triggers a basic cross-site scripting (XSS) vulnerability. Remote exploitation is possible, and the exploit has been public...
PT-2025-49397
A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpn ip results in basic cross site scripting. Remote exploitation of t...
Desktop Alert PingAlert Information Disclosure Vulnerability (CNVD-2025-29404)
Desktop Alert PingAlert is a network status monitoring tool developed by Desktop Alert, Inc. and is mainly used to monitor the status of network devices in real time and send alerts. An information disclosure vulnerability exists in Desktop Alert PingAlert, which stems from a policy incompatibili...
CVE-2025-59201
Improper access control in Network Connection Status Indicator NCSI allows an authorized attacker to elevate privileges locally...
CVE-2025-59201
Improper access control in Network Connection Status Indicator NCSI allows an authorized attacker to elevate privileges locally...
CVE-2025-59201
CVE-2025-59201 concerns Windows Network Connection Status Indicator (NCSI). The issue is described as improper access control that could allow a locally authenticated attacker to escalate privileges on affected Windows systems. Connected Microsoft security advisories (KB5066793, KB5066835–KB50668...
EUVD-2011-3497
Malware in sbrugna...
EUVD-2012-3473
Malware in sbrugna...