Lucene search
K

29 matches found

Zero Science Lab
Zero Science Lab
added 2025/02/10 12:0 a.m.262 views

CMU CERT/CC VINCE v2.0.6 Stored XSS

Summary VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform. Description The framework suffers from an authenticated stored cross-site scripting...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.404 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/21 12:0 a.m.342 views

ABB Cylon Aspect 3.08.01 (persistenceManagerAjax.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated OS command...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/04/17 12:0 a.m.395 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config

Summary ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and distribution market, where quality and reliability are most important. The Elber IRD Integrated Receiver Decoder ESE-01 offers a professional audio quality and composite video at an excellent...

8.7CVSS5.8AI score0.00494EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2024/01/31 12:0 a.m.317 views

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account

Summary Professional FM transmitters. Description The transmitter has a hidden super administrative account 'factory' that has the hardcoded password 'inokram25' that allows full access to the web management interface configuration. The factory account is not visible in the users page of the...

9.8CVSS5.8AI score0.00524EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2023/09/01 12:0 a.m.312 views

Tinycontrol LAN Controller v3 (LK3) Remote Credentials Extraction PoC

Summary Lan Controller is a very universal device that allows you to connect many different sensors and remotely view their readings and remotely control various types of outputs. It is also possible to combine both functions into an automatic if - this with a calendar when - then. The device...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2023/05/13 12:0 a.m.294 views

Screen SFT DAB 600/C Authentication Bypass Reset Board Config Exploit

Summary Screen's new radio DAB Transmitter is reaching the highest technology level in both Digital Signal Processing and RF domain. SFT DAB Series - Compact Radio DAB Transmitter - Air. Thanks to the digital adaptive precorrection and configuatio flexibility, the Hot Swap System technology, the...

8.7CVSS5.8AI score0.00456EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2023/05/13 12:0 a.m.290 views

Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit

Summary Screen's new radio DAB Transmitter is reaching the highest technology level in both Digital Signal Processing and RF domain. SFT DAB Series - Compact Radio DAB Transmitter - Air. Thanks to the digital adaptive precorrection and configuatio flexibility, the Hot Swap System technology, the...

9.8CVSS5.8AI score0.00555EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2023/05/13 12:0 a.m.390 views

Screen SFT DAB 600/C Authentication Bypass Password Change Exploit

Summary Screen's new radio DAB Transmitter is reaching the highest technology level in both Digital Signal Processing and RF domain. SFT DAB Series - Compact Radio DAB Transmitter - Air. Thanks to the digital adaptive precorrection and configuatio flexibility, the Hot Swap System technology, the...

9.3CVSS5.8AI score0.00456EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2023/03/28 12:0 a.m.249 views

Sielco Analog FM Transmitter 2.12 Remote Privilege Escalation

Summary Sielco designs and produces FM radio transmitters for professional broadcasting. The in-house laboratory develops standard and customised solutions to meet all needs. Whether digital or analogue, each product is studied to ensure reliability, resistance over time and a high standard of...

8.8CVSS7.3AI score0.00596EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/10/16 12:0 a.m.186 views

MiniDVBLinux 5.4 Unauthenticated Stream Disclosure Vulnerability

Summary MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/08/15 12:0 a.m.543 views

COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure

Summary COMMAX offers a wide range of proven AHD CCTV systems to meet customer needs and convenience in single or multi-family homes. Description The web control panel uses weak set of default administrative credentials that can be easily guessed in remote password attacks and disclose RTSP strea...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/08/15 12:0 a.m.477 views

COMMAX Biometric Access Control System 1.0.0 Authentication Bypass

Summary Biometric access control system. Description The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/01/26 12:0 a.m.55 views

STVS ProVision 5.9.10 (archive.rb) Authenticated File Disclosure Vulnerability

Summary STVS is a Swiss company specializing in development of software for digital video recording for surveillance cameras as well as the establishment of powerful and user-friendly IP video surveillance networks. Description The NVR software ProVision suffers from an authenticated arbitrary fi...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2018/07/17 12:0 a.m.607 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Hidden Features

Summary The new IPn4Gb provides a rugged, industrial strength wireless solution using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control Lists. The IPn4Gb can transport critical data to and fro...

6AI score
Exploits0
Hacker One
Hacker One
added 2018/05/20 2:35 p.m.58 views

Internet Bug Bounty: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec

pack may cause a heap buffer write overflow with a large item count. Reported to the Perl security mailing list on 5 Aug 2017. Confirmed as a security flaw by TonyC on 30 Jan 2018 CVE-2018-6913 assigned to this flaw on 11 Feb 2018 Public security advisory released on 14 April 2018...

7.5CVSS9.1AI score0.10866EPSS
Exploits0
Hacker One
Hacker One
added 2018/04/14 5:22 p.m.59 views

Internet Bug Bounty: CVE-2018-6797: A crafted regular expression can cause a heap buffer write overflow in Perl 5 giving a remote attacker control over bytes written

An attacker supplies a regular expression containing one or more \xDF characters after an escape putting the regexp into unicode matching mode, such as a \N escape. Each \xDF character adds one byte of overflow, and any other text in the regular expression is written in order, providing the...

7.5CVSS9AI score0.06599EPSS
Exploits0
Zero Science Lab
Zero Science Lab
added 2018/03/31 12:0 a.m.550 views

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal

Summary VideoFlow's Digital Video Protection DVP product is used by leading companies worldwide to boost the reliability of IP networks, including the public Internet, for professional live broadcast. DVP enables broadcast companies to confidently contribute and distribute live video over IP with...

7.1CVSS5.8AI score0.00543EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2016/12/29 12:0 a.m.148 views

Dell SonicWALL Global Management System (GMS) 8.1 Adobe Flex SOP Bypass

Summary Provide your organization, distributed enterprise or managed service offering with an intuitive, powerful way to rapidly deploy and centrally manage SonicWall solutions, with SonicWall GMS. Get more value from your firewall, secure remote access, anti-spam, and backup and recovery solutio...

4.3CVSS5.7AI score0.07973EPSS
Exploits5
Zero Science Lab
Zero Science Lab
added 2016/02/29 12:0 a.m.45 views

Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 Insecure File Permissions

Summary em4 is more than just a nano-PLC. It is a leading edge device supported by best-in-class tools that enables you to create and implement the smartest automation applications. Millenium 3 M3 is easy to program and to implement, it enables the control and monitoring of machines and automatio...

5.7AI score
Exploits0
Rows per page
Query Builder