758 matches found
PT-2023-7954 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. The specific flaw exists within the HTTP service...
PT-2023-8303 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The flaw exists within the prog.cgi binary, which...
PT-2023-3805 · Sonicwall · Sonicwall Gms +1
Name of the Vulnerable Software and Affected Versions: SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier Description: The issue exists due to improper neutralization of special elements used in an OS command, allowing an authenticated attacker to...
CVE-2023-36750
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
CVE-2023-36754
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
Siemens RUGGEDCOM ROX 系列多款产品 命令注入漏洞
RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A command injection vulnerability exists in the Siemens RUGGEDCOM ROX, which stems from a lack of server-side input validation, making the uninstall-ap...
PT-2023-8214 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: The issue is related to a stack-based buffer overflow in the httpd API-AUTH Timestamp Processing function of the D-Link G416 router's HTTP microprogram. This can be exploited by a remot...
PT-2023-8308 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
CVE-2023-20189
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20161
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20158
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20157
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20156
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
PT-2023-2830 · Cisco · Cisco Small Business Series Switches
Name of the Vulnerable Software and Affected Versions: Cisco Small Business Series Switches affected versions not specified Description: The issue is related to insufficient protection of service data in the web interface of Cisco Small Business Series Switches. It may allow a remote attacker to...
The vulnerability of the libcms_cli module in NETGEAR RAX30 router microprogramming software allows a hacker to execute arbitrary code in the root context.
The vulnerability of the libcmscli module in NETGEAR RAX30 router microprogramming software is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the root context...
The vulnerability of NETGEAR RAX30 router microprogramming software lies in the lack of proper verification of the length of user data before it is copied into the fixed-length stack buffer. This allows a hacker to execute arbitrary code in the context of the root user.
The vulnerability of NETGEAR RAX30 router microprogramming software lies in the lack of proper verification of the length of user data before it is copied into the fixed-length stack buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the root context using...
PT-2023-3300 · Tp Link · Tp-Link Archer Ax21
Name of the Vulnerable Software and Affected Versions: TP-Link Archer AX21 AX1800 versions affected versions not specified Description: This issue allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required t...
CVE-2023-27352
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue...
CVE-2023-27353
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of...
CVE-2023-20864
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root...