6 matches found
CVE-2018-4073
An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The the binary the endpoint /cgi-bin/EmbededAceTLSetTask.cgi is a very similar endpoint that is designed for use with setting table values th...
EUVD-2024-39399
Malicious code in bioql PyPI...
CVE-2025-3394
The CVE-2025-3394 entry affects ABB’s Automation Builder up to version 2.8.0 . The issue is described as an Incorrect Permission Assignment for a Critical Resource in the user management component, enabling modification of project/user data and overruling of user management. The vulnerability is ...
CVE-2022-30700
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...
Design/Logic Flaw
An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The EmbeddedAceSetTask.cgi executable is used to change MSCII configuration values within the configuration manager of the AirLink ES450. Thi...
CVE-2018-4072
The CVE-2018-4072 vulnerability affects Sierra Wireless AirLink ES450 running FW 4.9.3, in the ACEManager EmbeddedAceSet_Task.cgi component. Affected by a permission-assignment flaw that allows an authenticated user to modify configuration values via the /cgi-bin/Embedded_Ace_Set_Task.cgi endpoin...