43 matches found
EUVD-2018-17463
Malware in sbrugna...
EUVD-2019-3083
Malware in sbrugna...
The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, arises from writing beyond buffer boundaries, allowing a hacker to execute arbitrary code.
The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, lies in the writing beyond buffer boundaries when processing PM3 files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition systems, related to lack of access control, allows a intruder to trigger a service failure on the operator panel.
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition industrial devices is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the...
Rockwell Automation LP30/40/50 and BM40 Operator Interface
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : LP30, LP40, LP50, and BM40 Operator Panels Vulnerability : Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow,...
The vulnerability of the FvDesigner software for creating operator panels, related to access to an uninitialized pointer, allows a hacker to execute arbitrary code in the target system.
The vulnerability of the FvDesigner software for creating operator panels is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a attacker to execute arbitrary code on the target system...
The vulnerability of the FvDesigner software for creating operator panels, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to execute arbitrary code on the target system.
The vulnerability of the FvDesigner software for creating operator panels is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...
The vulnerability of the FvDesigner software for creating operator panels, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to execute arbitrary code on the target system.
The vulnerability of the FvDesigner software for creating operator panels is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...
The vulnerability of the DOPSoft software, designed for programming operator panels by Delta Electronics, arises from a buffer overflow in the dynamic memory. This allows an attacker to execute arbitrary code.
The vulnerability of the DOPSoft software, designed for programming operator panels by Delta Electronics, is due to a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
FusionPBX - Operator Panel exec.php Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...
FusionPBX Operator Panel (exec.php) Command Execution Exploit
This Metasploit module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operatorpanelview permissions, or administrator permissions, to execute arbitrary commands as the web server user ...
FusionPBX Operator Panel exec.php Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...
FusionPBX Operator Panel exec.php Command Execution
This module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operatorpanelview permissions, or administrator permissions, to execute arbitrary commands as the web server user by sending ...
Lenze EL 1800 Touch Operator Panel
Binary data 764794.prm...
FreePBX Operator Panel Module Information Disclosure Vulnerability
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. An information disclosure vulnerability exists in the app/operatorpanel/indexinc.php file of the Operator Panel...
Command injection
app/operatorpanel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote code execution when...
CVE-2019-11408
XSS in app/operatorpanel/indexinc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining th...
CVE-2019-11407
app/operatorpanel/indexinc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information...
Command injection
XSS in app/operatorpanel/indexinc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining th...
Information disclosure
app/operatorpanel/indexinc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information...