8 matches found
Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin)
Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Title: Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: history.pushState'', '', '/' input type="hidden"...
CVE-2019-7273
Optergy Proton/Enterprise devices allow Cross-Site Request Forgery CSRF...
CVE-2019-7272
Optergy Proton/Enterprise devices allow Username Disclosure...
CVE-2019-7277
Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure...
CVE-2019-7278
Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service...
CVE-2019-7275
Optergy Proton/Enterprise devices allow Open Redirect...
CVE-2019-7274
CVE-2019-7274 affects Optergy Proton/Enterprise. The vulnerability is an authenticated file upload that can lead to remote code execution as root in Optergy Proton/Enterprise versions 2.3.0a and earlier. Public references describe an authenticated file-upload path enabling root access (RCE) and a...
PT-2019-18506 · Optergy · Optergy Proton/Enterprise
Name of the Vulnerable Software and Affected Versions: Optergy Proton/Enterprise devices affected versions not specified Description: The issue allows for remote root code execution via a backdoor console. Recommendations: At the moment, there is no information about a newer version that contains...