2 matches found
CVE-2022-23971
ASUS RT-AX56U’s updatePLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service...
Debploit: Microsoft Windows NT/2000 debug API privelege escalation
By connection to PLC port DbgSsApiPOrt it's possible to obtain handler for any process or thread for debugging...