53 matches found
EUVD-2018-0804
Malware in sbrugna...
CVE-2023-5880
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
CVE-2023-5881
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...
CVE-2023-5881
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...
CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...
CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...
CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
CVE-2023-5880
CVE-2023-5880 affects Genie Aladdin Connect Retrofit-Kit (Model ALDCM). When the device is in configuration mode, the web server page “Garage Door Control Module Setup” is vulnerable to cross-site scripting via a broadcast SSID name containing HTML/JavaScript, enabling injection of code into a us...
CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities
Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...
PT-2024-14839 · Genie Company · Aladdin Connect
Name of the Vulnerable Software and Affected Versions: The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM affected versions not specified Description: Unauthenticated access is permitted to the web interface page "Garage Door Control Module Setup" of The Genie Company Aladdin Connect...
Genie Aladdin Connect garage door opener Cross-site scripting vulnerability
Genie Aladdin Connect garage door opener is a garage door opener from Genie. A security vulnerability exists in the Genie Aladdin Connect garage door opener Retrofit-Kit Model ALDCM that stems from a cross-site scripting XSS vulnerability on the Garage Door Control Module Setup page...
PT-2024-14838 · Genie Company · Aladdin Connect
Name of the Vulnerable Software and Affected Versions: Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM affected versions not specified Description: The Genie Company Aladdin Connect garage door opener is vulnerable to XSS via a broadcast SSID name containing malicious co...
Genie Aladdin Connect Access Control Error Vulnerability
Genie Aladdin Connect is a garage door controller from Genie. An access control error vulnerability exists in Genie Aladdin Connect Retrofit-Kit Model ALDCM that originates from allowing an unauthenticated attacker to access the SSID settings on the Garage Door Control Module Setup page...
CVE-2023-33220
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-33220
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-33219
The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
Stack overflow
The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
Stack overflow
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-33220
CVE-2023-33220 concerns a vulnerability in firmware during the retrofit validation process where boundaries are not properly checked when copying attributes. This results in a stack-based buffer overflow, potentially enabling Remote Code Execution on the targeted device. The vulnerability is desc...