CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2023/12/07 12:0 a.m.•13 views

Dell DM5500 Path Traversal Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from a path traversal vulnerability that stems from a failure to properly filter special elements in the path of a...

6.5CVSS6.6AI score0.017EPSS

CNVD•added 2023/12/07 12:0 a.m.•15 views

Dell DM5500 Information Disclosure Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from an information disclosure vulnerability that originates from the inclusion of a plain text password in the PPO...

5.5CVSS6.6AI score0.00096EPSS

CVE•added 2023/12/04 8:36 a.m.•44 views

CVE-2023-44300

CVE-2023-44300 applies to Dell DM5500 (version 5.14.0.0). The vulnerability is a plain-text password storage issue in the PPOE component, enabling a local privileged attacker to disclose service credentials and access the vulnerable application with the compromised account’s privileges. Supported...

5.5CVSS5.2AI score0.00096EPSS

CVE•added 2023/12/04 8:32 a.m.•45 views

CVE-2023-44306

Dell DM5500 exposes a path traversal vulnerability in the PPOE component that could allow a remote attacker with high privileges to overwrite configuration files on the server filesystem. The affected product is the Dell DM5500 appliance; the vulnerability arises from improper filtering of path e...

6.5CVSS6.3AI score0.017EPSS

CVE•added 2023/12/04 8:25 a.m.•30 views

CVE-2023-44305

Dell PowerProtect Data Manager DM5500 (version 5.14.0.0) is affected by a stack-based buffer overflow in the appliance. An unauthenticated remote attacker could crash the affected process or execute arbitrary code by sending specially crafted input data. Affected component is the DM5500 appliance...

9.8CVSS9.7AI score0.05161EPSS

CVE•added 2023/12/04 8:19 a.m.•32 views

CVE-2023-44304

CVE-2023-44304 affects the Dell DM5500 appliance. A privilege escalation exists that could allow a remote attacker with low privileges to escape the restricted shell and gain root access to the device. The connected PT-2023-29201 entry references an issue in the PPOE component with the same effec...

8.8CVSS8.9AI score0.02302EPSS

CVE•added 2023/12/04 8:13 a.m.•31 views

CVE-2023-44291

Dell PowerProtect Data Manager DM5500 (v5.14.0.0) is affected by an OS command injection in the PPOE component. The root cause is improper neutralization of special characters in commands, allowing a remote, high-privilege attacker with network access to run arbitrary OS commands on the underlyin...

7.2CVSS7.3AI score0.02886EPSS

CNNVD•added 2023/12/04 12:0 a.m.•8 views

Dell DM5500 操作系统命令注入漏洞

7.2CVSS8.1AI score0.02886EPSS

exploitpack•added 2014/04/15 12:0 a.m.•17 views

NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities

NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities Title: Multiple vulnerabilities in NETGEAR N600 WIRELESS DUAL BAND WNDR3400 ==================================================================================== Notification Date: 4/14/2014 Affected Vendor: NETGEAR N600 WIRELESS...

exploitpack•added 2013/09/30 12:0 a.m.•20 views

Tenda W309R Router 5.07.46 - Configuration Disclosure

Tenda W309R Router 5.07.46 - Configuration Disclosure --------------------------------------------------- Exploit Title: Tenda W309R Configuration Enumeration without Authentication Author: SANTHO Vendor Homepage: http://www.tenda.cn Product link:...

7.4AI score

0day.today•added 2013/04/20 12:0 a.m.•32 views

Netgear DGN2200B pppoe.cgi Remote Command Execution Vulnerability

Some Netgear Routers are vulnerable to an authenticated OS command injection on their web interface. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd...

7.4AI score

0day.today•added 2012/05/07 12:0 a.m.•49 views

D-Link DSL-2640U PPoE Data Disclosure (ADSL Router)

Exploit for hardware platform in category web applications ================================================================================ || | | || || || |/ | || |/ | | | | | | | | | | | \ | | | | \ ================================================================================ Exploit Title:...

7.1AI score

0day.today•added 2012/04/26 12:0 a.m.•21 views

MoroccoTel Box Default Open Telnet Password

Exploit for windows platform in category remote exploits a "vulnerability" was identified on MoroccoTel Boxes: a telnet server is running, open to the web, with a default password of admin or 123456 This critical vulnerability can affect the entire network of a Country. Solution: change the defau...

7.1AI score

Packet Storm•added 2012/04/25 12:0 a.m.•28 views

MoroccoTel Default Password

Hi, a "vulnerability" was identified on MoroccoTel Boxes: a telnet server is running, open to the web, with a default password of admin or 123456 This critical vulnerability can affect the entire network of a Country. Solution: change the default password account or modify the default firmware NB...

0.7AI score