Lucene search
K

59 matches found

Cvelist
Cvelist
added 2024/12/10 4:27 p.m.38 views

CVE-2024-55547 Remote Command Execution via SNMP

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e...

9.3CVSS0.1694EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/10 4:21 p.m.8 views

CVE-2024-55546 Stored Cross-Site Scripting

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

7.1CVSS6.4AI score0.00283EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/10 4:21 p.m.17 views

CVE-2024-55546 Stored Cross-Site Scripting

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

7.1CVSS0.00283EPSS
Exploits1References1
NVD
NVD
added 2024/12/10 4:15 p.m.16 views

CVE-2024-55544

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below...

8.8CVSS0.11717EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/10 4:14 p.m.14 views

CVE-2024-55545 Reflected Cross-Site Scripting

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

7.1CVSS0.00298EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/10 4:14 p.m.8 views

CVE-2024-55545 Reflected Cross-Site Scripting

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

7.1CVSS6.6AI score0.00298EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/10 4:4 p.m.16 views

CVE-2024-55544 Authenticated Command Injection

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below...

8.7CVSS0.11717EPSS
Exploits1References1
CVE
CVE
added 2024/12/10 4:4 p.m.47 views

CVE-2024-55544

CVE-2024-55544 concerns ORing IAP-420 devices. The connected documents consistently identify a vulnerability due to missing input validation in the web interface , affecting versions 2.01e and below . The core consequence described is authenticated command injections on the OS level . Some source...

8.8CVSS6.6AI score0.11717EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.5 views

PT-2024-36544 · Oring · Oring Iap-420

Name of the Vulnerable Software and Affected Versions: ORing IAP-420 versions 2.01e and below Description: The issue is caused by missing input validation in the web interface of ORing IAP-420, allowing stored Cross-Site Scripting XSS. This enables attackers to store malicious scripts on the...

8.7CVSS5.9AI score0.11717EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.5 views

PT-2024-36545 · Oring · Oring Iap-420

Name of the Vulnerable Software and Affected Versions: ORing IAP-420 versions 2.01e and earlier Description: The issue is caused by a lack of input validation in the web interface of ORing IAP-420, allowing Cross-Site Scripting XSS. Recommendations: For versions 2.01e and earlier, update to a...

7.1CVSS6.6AI score0.00298EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.4 views

PT-2024-36546 · Oring · Oring Iap-420

Name of the Vulnerable Software and Affected Versions: ORing IAP-420 versions 2.01e and below Description: The issue is related to a lack of input validation in the web interface of the ORing IAP-420, which allows for stored Cross-Site Scripting XSS. This means that an attacker can inject malicio...

7.1CVSS6.2AI score0.00283EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.5 views

ORing IAP-420 安全漏洞

The ORing IAP-420 is a wireless access point from ORing. A security vulnerability exists in the ORing IAP-420 version 2.01e and prior versions, which stems from a lack of input validation in the web interface...

7.1CVSS6.7AI score0.00283EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.8 views

ORing IAP-420 安全漏洞

The ORing IAP-420 is a wireless access point from ORing. A security vulnerability exists in the ORing IAP-420 version 2.01e and prior versions, which stems from a forced deadlock caused by improper password character length checking...

7.5CVSS6.8AI score0.00462EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.5 views

ORing IAP-420 安全漏洞

The ORing IAP-420 is a wireless access point from ORing. A security vulnerability exists in the ORing IAP-420 version 2.01e and prior versions, which stems from a lack of input validation in the web interface...

7.1CVSS6.7AI score0.00298EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.6 views

ORing IAP-420 安全漏洞

The ORing IAP-420 is a wireless access point from ORing. A security vulnerability exists in the ORing IAP-420 version 2.01e and prior versions, which stems from a lack of input validation in the web interface...

8.8CVSS6.7AI score0.11717EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.10 views

ORing IAP-420 安全漏洞

The ORing IAP-420 is a wireless access point from ORing. A security vulnerability exists in the ORing IAP-420 version 2.01e and prior versions that stems from an SNMP object in the used NET-SNMP that allows command injection...

9.8CVSS6.9AI score0.1694EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.10 views

PT-2024-36547 · Oring · Oring Iap-420

Name of the Vulnerable Software and Affected Versions: ORing IAP-420 versions through 2.01e Description: The issue affects the NET-SNMP used in ORing IAP-420, allowing Command Injection through SNMP objects. Recommendations: For versions through 2.01e, consider disabling the SNMP functionality...

9.3CVSS7.5AI score0.1694EPSS
Exploits0References6
0day.today
0day.today
added 2024/06/02 12:0 a.m.183 views

ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities

------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage| https://oringnet.com/ found| 2024-01-19 by| T. Weber...

8.7CVSS6.7AI score0.234EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/05/30 12:0 a.m.271 views

ORing IAP-420 2.01e Cross Site Scripting / Command Injection

CyberDanube Security Research 20240528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage|...

7.2AI score0.234EPSS
Exploits4
NVD
NVD
added 2024/05/28 11:15 a.m.21 views

CVE-2024-5410

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

8.3CVSS5.9AI score0.13165EPSS
Exploits3References2
Rows per page
Query Builder