Lucene search
K

83 matches found

CNNVD
CNNVD
added 2022/03/18 12:0 a.m.4 views

Tenda AC6 缓冲区错误漏洞

The Tenda AC6 is a wireless router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda AC6 SetPptpServerCfg function, which can be exploited by an attacker to cause arbitrary command execution...

10CVSS6AI score0.01665EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/03/04 1:15 p.m.6 views

CVE-2021-46393

There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...

9.8CVSS8.9AI score0.15916EPSS
Exploits1References2
OSV
OSV
added 2022/03/04 1:15 p.m.3 views

CVE-2021-46393

There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...

9.8CVSS6.6AI score0.15916EPSS
Exploits1References1
OSV
OSV
added 2021/10/14 11:15 a.m.4 views

CVE-2020-22724

A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...

9.8CVSS5.9AI score0.05388EPSS
Exploits1References2
Prion
Prion
added 2021/10/14 11:15 a.m.15 views

Design/Logic Flaw

A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...

10CVSS9.5AI score0.05388EPSS
Exploits1References2Affected Software2
OpenVAS
OpenVAS
added 2019/10/08 12:0 a.m.14 views

PPTP Server/Device Compromised

The remote PPTP Server/Device might have been compromised by an attacker or a worm. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as...

7.5AI score
Exploits0
Fortinet
Fortinet
added 2018/11/16 12:0 a.m.44 views

Serial number disclosure in the FortiOS PPTP server hostname protocol field

Fortigate PPTP service reveals serial number of FortiGate in the hostname field defined in connection control setup packets of PPTP protocol...

5CVSS1.1AI score0.0087EPSS
Exploits0Affected Software1
OSV
OSV
added 2018/01/11 4:29 p.m.6 views

CVE-2017-15628

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...

7.2CVSS6AI score0.04367EPSS
Exploits4References2
OSV
OSV
added 2018/01/11 4:29 p.m.4 views

CVE-2017-15637

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...

7.2CVSS6AI score0.04245EPSS
Exploits3References2
OSV
OSV
added 2018/01/11 4:29 p.m.2 views

CVE-2017-15632

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...

7.2CVSS6AI score0.04245EPSS
Exploits4References2
OSV
OSV
added 2018/01/11 4:29 p.m.5 views

CVE-2017-15623

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptpserver.lua file...

7.2CVSS6AI score0.04367EPSS
Exploits4References2
Prion
Prion
added 2018/01/11 4:29 p.m.15 views

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptpserver.lua file...

9CVSS7.4AI score0.04367EPSS
Exploits4References2Affected Software2
OSV
OSV
added 2018/01/11 4:29 p.m.4 views

CVE-2017-15626

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptpserver.lua file...

7.2CVSS6AI score0.04367EPSS
Exploits4References2
Prion
Prion
added 2018/01/11 4:29 p.m.12 views

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...

9CVSS7.4AI score0.04245EPSS
Exploits4References2Affected Software2
OSV
OSV
added 2018/01/11 4:29 p.m.6 views

CVE-2017-15624

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptpserver.lua file...

7.2CVSS6AI score0.04367EPSS
Exploits4References2
CNVD
CNVD
added 2018/01/11 12:0 a.m.9 views

TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02039)

TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by injecting commands into the...

9CVSS7.6AI score0.04367EPSS
Exploits4References1
CNVD
CNVD
added 2018/01/11 12:0 a.m.4 views

TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02031)

TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the new-mppeencryption variable of the...

9CVSS7.7AI score0.04245EPSS
Exploits4References1
CNVD
CNVD
added 2018/01/11 12:0 a.m.5 views

TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02035)

TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the lcpechointerval variable of the pptpserver.lu...

9CVSS7.7AI score0.04367EPSS
Exploits4References1
CNVD
CNVD
added 2018/01/11 12:0 a.m.5 views

TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02040)

TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by injecting commands into the...

9CVSS7.6AI score0.04367EPSS
Exploits4References1
CNVD
CNVD
added 2018/01/11 12:0 a.m.3 views

TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02026)

TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the pptphellointerval variable of the...

9CVSS7.7AI score0.04245EPSS
Exploits3References1
Rows per page
Query Builder