9 matches found
free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers
Summary free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and the requests reach the SMF business handlers. In the running Docker lab...
CVE-2026-41656 Admidio: Path Traversal via Unvalidated `name` Parameter in Document Add Mode Enables Arbitrary Server File Read
Admidio is an open-source user management solution. Prior to version 5.0.9, the add mode in modules/documents-files.php accepts a name parameter validated only as 'string' type HTML encoding, allowing path traversal characters ../ to pass through unfiltered. Combined with the absence of CSRF...
CVE-2026-23767
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...
PT-2025-35101
Name of the Vulnerable Software and Affected Versions: Meitrack T366G-L GPS Tracker devices affected versions not specified Description: The SPI flash chip Winbond 25Q64JVSIQ in Meitrack T366G-L GPS Tracker devices is accessible without authentication or tamper protection. An attacker with physic...
CVE-2024-23444
It was discovered by Elastic engineering that when elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Requests, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command...
The Naumen Service Management Platform’s vulnerability regarding automation of business processes arises from insufficient filtering of input data and lack of measures to protect the structure of web pages. This allows attackers to carry out XSS attacks.
The Naumen Service Management Platform is vulnerable to automation of business processes due to insufficient filtering of input data and lack of measures to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by loading a specially...
CVE-2022-29958
JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...
PT-2021-14351 · Pypi +1 · Flask-Security-Too +1
Name of the Vulnerable Software and Affected Versions: Flask-Security-Too versions 3.3.0 through 3.4.5 Description: The issue concerns the Flask-Security-Too package, which is used to add security features to Flask applications. In affected versions, the /login and /change endpoints can return th...
CVE-2018-17955
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection...