UBUNTU-CVE-2023-30801
All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and...
qBittorrent Trust Management Issues Vulnerabilities
qBittorrent is a cross-platform lightweight BitTorrent client. A security vulnerability exists in qBittorrent 4.5.5 and earlier versions, which stems from the use of default credentials, and can be used by a remote attacker to execute arbitrary operating system commands...
PT-2023-8956
Name of the Vulnerable Software and Affected Versions qBittorrent versions 4.5.5 and earlier Description The issue is related to the use of default credentials when the web user interface is enabled, allowing a remote attacker to authenticate and execute arbitrary operating system commands using...
Ericsson Erlang Security Vulnerability
Ericsson Erlang is a general-purpose concurrency-oriented programming language from Ericsson Sweden. A security vulnerability exists in Ericsson Erlang version 0.7.2, which originates from a remote attacker with low privileges who can access an improperly protected default installation without...
F5 BIG-IP Code Issue Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIG-IP suffers from an insufficient session expiration vulnerability, which can be exploited by an attacker to reuse sessio...
CVE-2023-45312
In the mtprotoproxy aka MTProto proxy component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability...
PT-2023-29493 · Unknown · Mtproto Proxy
Name of the Vulnerable Software and Affected Versions: mtproto proxy versions through 0.7.2 Description: A low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability. Recommendations: For versions throug...
CVE-2023-45312
The CVE-2023-45312 issue affects the mtproto_proxy (MTProto proxy) component for Erlang up to version 0.7.2, where a low-privileged remote attacker can access a default installation without authentication and achieve remote command execution. Public disclosures in Red Hat, GHSA, OSV, CVE lists co...
VulnCheck KEV: CVE-2021-33548
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code...
Facebook Tacacs+ Security Breach
Facebook Tacacs+ is a daemon library from Facebook Inc. in the United States. A security vulnerability exists in versions prior to Facebook Tacacs+ 4fdf178, which stems from a lack of input validation, leading to a remote command execution vulnerability...
Vulnerability of the /log/webmailattach.php script in the DAR-7000 router firmware, allowing attackers to execute arbitrary commands
The vulnerability of the /log/webmailattach.php script in the DAR-7000 router firmware is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability in the /sysmanage/updateos.php script of the DAR-7000 router’s firmware allows an attacker to execute arbitrary commands.
The vulnerability in the /sysmanage/updateos.php script of the DAR-7000 router’s firmware involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Fedora 38 : pgadmin4 (2023-8cc61c8b14)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8cc61c8b14 advisory. Backport fix for CVE-2023-5002. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
The vulnerability of the firmware of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. This vulnerability allows a hacker to execute arbitrary commands in the operating system.
The vulnerability of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands in the...
The vulnerability in the /useratte/userattestation.php script of the D-Link DAR-7000 router’s firmware allows a hacker to execute arbitrary commands.
The vulnerability of the D-Link DAR-7000 router’s firmware, located in the /useratte/userattestation.php script, involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability in the importexport.php script of the D-Link DAR-8000 router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the importexport.php script in the D-Link DAR-8000 router firmware is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability in the /sysmanage/updatelib.php script of the D-Link DAR-8000 and DAR-7000 routers allows a hacker to execute arbitrary commands.
The vulnerability in the /sysmanage/updatelib.php script of the D-Link DAR-8000 and DAR-7000 routers stems from the ability to download files of a malicious nature without limitation. Exploiting this vulnerability could allow an attacker to execute arbitrary commands remotely...
The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router firmware, allowing a hacker to execute arbitrary commands.
The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router firmware is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s firmware allows a hacker to execute arbitrary commands.
The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s firmware is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
Vulnerability of the /Tool/uploadfile.php script in D-Link DAR-8000 and DAR-7000 router firmware, allowing attackers to execute arbitrary commands
The vulnerability of the /Tool/uploadfile.php script in D-Link’s DAR-8000 and DAR-7000 router firmware relates to the ability to download files of a malicious nature without limitation. Exploiting this vulnerability could allow an attacker to execute arbitrary commands remotely...