22 matches found
EUVD-2024-45181
Malicious code in bioql PyPI...
EUVD-2023-35560
Malicious code in bioql PyPI...
EUVD-2023-32310
Malicious code in bioql PyPI...
CVE-2024-50381
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original connection and make a reque...
CVE-2023-28412
When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information...
CVE-2023-28649
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but do...
CVE-2024-50381
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original connection and make a reque...
CVE-2024-50380
CVE-2024-50380 affects Snap One OvrC cloud where MAC addresses are used as identifiers to disclose device information. Affected component: OvrC cloud platform; vulnerability path allows an attacker to impersonate other devices by supplying enumerated MAC addresses and receive sensitive device inf...
CVE-2024-50380 Authentication Bypass by Spoofing in Snap One OVRC cloud
Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device...
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...
CVE-2023-31245
Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redire...
CVE-2023-28412
When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information...
Information disclosure
When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information...
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...
CVE-2023-28649
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but do...
PT-2023-21873 · Ovrc · Ovrc
Name of the Vulnerable Software and Affected Versions: OvrC cloud platform affected versions not specified Description: A vulnerability exists in the OvrC cloud platform where an attacker could impersonate a hub and send device requests to claim already claimed devices. The platform does not...
Snap One OvrC Cloud 安全漏洞
Snap One OvrC is a free cloud-based remote management and monitoring platform from Snap One USA. The Snap One OvrC Cloud suffers from a security vulnerability that stems from the fact that the MAC address of a device can be enumerated in an attack, which can be exploited by an attacker to gain...
Snap One OvrC Cloud 存在输入验证错误漏洞
Snap One OvrC is a free cloud-based remote management and monitoring platform from US-based Snap One. Snap One OvrC Cloud suffers from an input validation error vulnerability that originates from a URL redirection to an untrusted site, which can be exploited by an attacker to redirect a user to a...
Snap One OvrC Cloud 输入验证错误漏洞
Snap One OvrC is a free cloud-based remote management and monitoring platform from Snap One USA. Snap One OvrC Cloud suffers from an input validation error vulnerability where an attacker could impersonate a hub and send a device request to declare a declared device...