Lucene search
K

28 matches found

GithubExploit
GithubExploit
added 2026/05/21 7:17 a.m.79 views

Exploit for CVE-2025-99999

CVE-2025-99999 - HSM Firmware Authentication Bypass Descri...

5.8AI score
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0798

Malware in sbrugna...

5CVSS6.4AI score0.01719EPSS
Exploits1References7
Zero Day Initiative
Zero Day Initiative
added 2025/07/21 12:0 a.m.7 views

(Pwn2Own) Phoenix Contact CHARX SEC-3150 DHCP Configuration Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration service, which listens on TCP port 50...

8.8CVSS7.5AI score0.0024EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/21 12:0 a.m.20 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 Config Manager Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CharxSystemConfigManager service, which listens on...

7.5CVSS7.3AI score0.01404EPSS
Exploits0References1
OSV
OSV
added 2022/09/13 10:15 p.m.5 views

CVE-2022-35413

WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information such as SSL keys via an HTTPS request to the /webapi/ URI on port 443 or 5001...

9.8CVSS5.8AI score0.12476EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/30 12:0 a.m.4 views

ZTE ZXV10 M910 代码问题漏洞

The ZTE ZXV10 M910 is a video conferencing HD video server from ZTE Corporation China.A security vulnerability exists in the ZTE ZXV10 M910, which can be exploited by attackers to execute arbitrary commands by sending deserialized payloads to port 5001...

9.8CVSS6AI score0.01942EPSS
Exploits0References1
Prion
Prion
added 2019/02/07 11:29 p.m.14 views

Design/Logic Flaw

Forcepoint User ID FUID server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on...

7.5CVSS9.6AI score0.02358EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/02/07 11:29 p.m.18 views

CVE-2019-6139

Forcepoint User ID FUID server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on...

9.8CVSS9.7AI score0.02358EPSS
Exploits0References1
CVE
CVE
added 2019/02/07 11:0 p.m.52 views

CVE-2019-6139

Forcepoint User ID (FUID) server up to version 1.2 has a remote arbitrary file upload vulnerability on TCP port 5001 that can lead to remote code execution. Upgrade to FUID 1.3+ to fix. If on 1.2 or earlier, restrict external access to port 5001 with firewall rules since the service is intended f...

9.8CVSS9.6AI score0.02358EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/02/07 11:0 p.m.31 views

CVE-2019-6139

Forcepoint User ID FUID server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on...

9.8AI score0.02358EPSS
Exploits0References1
Prion
Prion
added 2018/10/24 9:29 p.m.17 views

Remote code execution

DISPUTED Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution...

7.2CVSS8AI score0.02919EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/10/24 9:29 p.m.17 views

CVE-2018-18013

Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution vulnerability...

7.8CVSS8AI score0.02919EPSS
Exploits1References1
OSV
OSV
added 2018/10/24 9:29 p.m.6 views

CVE-2018-18013

Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution vulnerability...

7.8CVSS6.4AI score0.02919EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/10/24 12:0 a.m.5 views

PT-2018-14320 · Citrix · Xen Mobile

Name of the Vulnerable Software and Affected Versions: Xen Mobile versions prior to 10.8.0 Description: The issue arises from a service listening on port 5001 within the firewall of Xen Mobile, which accepts unauthenticated input. This service deserializes raw serialized Java objects into Java...

7.8CVSS8AI score0.02919EPSS
Exploits1References3
NVD
NVD
added 2017/10/18 6:29 p.m.26 views

CVE-2017-15359

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to...

6.5CVSS6.3AI score0.06168EPSS
Exploits4References2
Prion
Prion
added 2017/10/18 6:29 p.m.20 views

Directory traversal

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to...

4CVSS6.2AI score0.06168EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2017/10/18 6:0 p.m.26 views

CVE-2017-15359

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to...

6.3AI score0.06168EPSS
Exploits4References2
0day.today
0day.today
added 2017/10/17 12:0 a.m.125 views

3CX Phone System 15.5.3554.1 - Directory Traversal Vulnerability

Exploit for linux platform in category web applications Title: ====== 3CX Phone System - Authenticated Directory Traversal Author: ======= Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG CVE-ID: ======= CVE-2017-15359 Risk Information: ================= CVSS Base Score: 6.8 CVSS Vector:...

4CVSS6.5AI score0.06168EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/10/16 12:0 a.m.71 views

3CX Phone System 15.5.3554.1 Directory Traversal

Title: ====== 3CX Phone System - Authenticated Directory Traversal Author: ======= Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG CVE-ID: ======= CVE-2017-15359 Risk Information: ================= CVSS Base Score: 6.8 CVSS Vector: CVSS3AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Timeline:...

6.6AI score0.06168EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/10/16 12:0 a.m.80 views

3CX Phone System 15.5.3554.1 - Directory Traversal

Title: ====== 3CX Phone System - Authenticated Directory Traversal Author: ======= Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG CVE-ID: ======= CVE-2017-15359 Risk Information: ================= CVSS Base Score: 6.8 CVSS Vector: CVSS3AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Timeline:...

6.5CVSS6.5AI score0.06168EPSS
Exploits4
Rows per page
Query Builder