Lucene search
K

404 matches found

ATTACKERKB
ATTACKERKB
added 2019/05/29 12:0 a.m.855 views

Zimbra Collaboration Suite Autodiscover XXE

Zimbra’s handling of Autodiscover requests is vulnerable to XML external entity attacks, which could allow file contents to be retrieved from the remote system. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details According to the blog post A Saga of Code Executions on Zimb...

9.8CVSS9.2AI score0.99986EPSS
Exploits4References3
OSV
OSV
added 2019/05/23 4:29 p.m.4 views

CVE-2017-11740

In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the remote system...

8.8CVSS5.8AI score0.03071EPSS
Exploits1References3
NVD
NVD
added 2019/05/23 4:29 p.m.23 views

CVE-2017-11740

In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the remote system...

8.8CVSS8.7AI score0.03071EPSS
Exploits1References3
NVD
NVD
added 2019/05/02 5:29 p.m.27 views

CVE-2017-18369

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the advremotelog.asp page and can be exploited through the syslogServerAd...

10CVSS9.8AI score0.67644EPSS
Exploits2References3
NVD
NVD
added 2019/05/02 5:29 p.m.28 views

CVE-2017-18368

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited...

10CVSS9.9AI score0.94508EPSS
Exploits2References6
Prion
Prion
added 2019/05/02 5:29 p.m.21 views

Command injection

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP...

9CVSS9.5AI score0.22909EPSS
Exploits3References5Affected Software3
Prion
Prion
added 2019/05/02 5:29 p.m.24 views

Command injection

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited...

10CVSS9.8AI score0.94508EPSS
Exploits2References5Affected Software3
NVD
NVD
added 2019/05/02 5:29 p.m.23 views

CVE-2017-18370

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP...

9CVSS9.5AI score0.22909EPSS
Exploits2References5
Prion
Prion
added 2019/05/02 5:29 p.m.24 views

Command injection

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the advremotelog.asp page and can be exploited through the syslogServerAd...

10CVSS9.7AI score0.67644EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2019/05/02 4:14 p.m.29 views

CVE-2017-18370

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP...

9.5AI score0.22909EPSS
Exploits2References5
Cvelist
Cvelist
added 2019/05/02 4:14 p.m.39 views

CVE-2017-18368

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited...

9.9AI score0.94508EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2019/05/02 4:14 p.m.9 views

CVE-2017-18368

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited...

9.9AI score0.94508EPSS
Exploits2References5
CVE
CVE
added 2019/05/02 4:14 p.m.498 views

CVE-2017-18368

CVE-2017-18368 describes a command injection in the ZyXEL P660HN-T1A router family (v1/v2; and Billion 5200W-T per Nessus) via the Remote System Log forwarding ViewLog.asp page, exploitable by an unauthenticated user through the remote_host parameter. Affected firmware exists on ZyXEL TCLinux dev...

10CVSS9.8AI score0.94508EPSS
In wildExploits2References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/05/02 12:0 a.m.127 views

CVE-2017-18370

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP...

9.8CVSS3.5AI score0.22909EPSS
In wildExploits3References6
Positive Technologies
Positive Technologies
added 2019/05/02 12:0 a.m.6 views

PT-2019-6463 · Zyxel · Zyxel P660Hn-T1A

Name of the Vulnerable Software and Affected Versions: ZyXEL P660HN-T1A versions $7.3.15.0 v001 / 3.40ULM.0b31 Description: The issue is related to a command injection vulnerability in the Remote System Log forwarding function of the ZyXEL P660HN-T1A router. This vulnerability is accessible throu...

10CVSS9.5AI score0.94508EPSS
Exploits2References28
ATTACKERKB
ATTACKERKB
added 2019/05/02 12:0 a.m.49 views

CVE-2017-18368

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited...

10CVSS9.6AI score0.94508EPSS
In wildExploits2References7
Veracode
Veracode
added 2019/01/15 9:15 a.m.28 views

Command Execution Through Compromised Remote Hosts

ansible is vulnerable to command execution through a comprised remote system. A compromised remote system managed through ansible can lead to commands being executed on the ansible controller when the user is running the ansible or ansible-playbook command...

8.1CVSS8AI score0.1765EPSS
Exploits5References35Affected Software6
Prion
Prion
added 2018/11/08 2:29 p.m.17 views

Design/Logic Flaw

A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system...

2.1CVSS6.3AI score0.00342EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/11/08 2:29 p.m.19 views

CVE-2018-6433

A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system...

5.5CVSS6.4AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2018/11/08 2:29 p.m.4 views

CVE-2018-6433

A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system...

5.5CVSS5.8AI score0.00342EPSS
Exploits0References1
Rows per page
Query Builder