137 matches found
Lindy 42633 Elevation of Privilege Vulnerability
The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. An elevation of privilege vulnerability exists in the Lindy 42633 2.078.000. The vulnerability stems from the ability to discover the administrative password by sniffing unencrypted UDP traffic. An attacker on the same network could use...
TP-Link TL-PS310U Denial of Service Vulnerability
The TP-Link TL-PS310U is a single USB 2.0 port MFP and storage server. A denial of service vulnerability exists in versions prior to TP-Link TL-PS310U 2.079.000.t0210, which can be exploited by an attacker on the same network with a long input value to cause the device to deny service...
TP-Link TL-PS310U Authentication Bypass Vulnerability
The TP-Link TL-PS310U is a single USB 2.0 port MFP and storage server. An authentication bypass vulnerability exists in versions prior to TP-Link TL-PS310U 2.079.000.t0210, which can be exploited by an attacker on the same network to bypass authentication via a Web management request that lacks...
Lindy 42633 Denial of Service Vulnerability
The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. A denial of service vulnerability exists in the Lindy 42633 2.078.000. An attacker on the same network can exploit this vulnerability by entering a long value to cause the device to deny service...
CVE-2020-15059
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...
CVE-2020-15060
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15061
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...
CVE-2020-15055
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter...
CVE-2020-15057
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values...
CVE-2020-1825
FusionAccess with versions earlier than 6.5.1.SPC002 have a Denial of Service DoS vulnerability. Due to insufficient verification on specific input, attackers can exploit this vulnerability by sending constructed messages to the affected device through another device on the same network. Successf...
CVE-2020-4307
IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
CVE-2020-5546
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functio...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
CVE-2020-5525
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen...
CVE-2020-5524
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...