23 matches found
CVE-2019-25281
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...
NCP Secure Entry Client 代码问题漏洞
NCP Secure Entry Client is a remote client connection software developed by the German company NCP. Version 9.2 of NCP Secure Entry Client contains a code vulnerability. This vulnerability stems from service paths in multiple Windows services that are not enclosed in quotes. This could allow loca...
CVE-2019-25281 NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...
CVE-2019-25281
CVE-2019-25281 concerns NCP Secure Entry Client 9.2. The issue is an unquoted service path vulnerability in multiple Windows services (e.g., ncprwsnt, rwsrsu, ncpclcfg, NcpSec) that can be exploited to inject and execute code with LocalSystem privileges during service startup. Exploitation is des...
EUVD-2019-19384
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...
PT-2026-5810
Name of the Vulnerable Software and Affected Versions NCP Secure Entry Client version 9.2 Description NCP Secure Entry Client 9.2 contains a flaw due to unquoted service paths in multiple Windows services. This allows local users to potentially execute arbitrary code. Specifically, attackers can...
CVE-2025-26155
NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability...
NCP Secure Enterprise Client和NCP Secure Entry Windows Client 安全漏洞
NCP Secure Enterprise Client and NCP Secure Entry Windows Client are both products of the German company NCP.NCP Secure Enterprise Client is a VPN Virtual Private Network client application.NCP Secure Entry NCP Secure Enterprise Client is a VPN Virtual Private Network client application.NCP Secur...
CVE-2025-26155
NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability...
EUVD-2013-2703
Malware in sbrugna...
CVE-2010-5203
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse 1 dvccsabase002.dll, 2 conman.dll, 3...
CVE-2013-2764
Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSPAbsoluteRedirects being disabled by default...
CVE-2013-2764
Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSPAbsoluteRedirects being disabled by default...
CVE-2013-2764
Secure Entry Server (SES) before version 4.7.0 contains a URI redirection vulnerability due to HSP_AbsoluteRedirects being disabled by default, enabling remote phishing-like redirects. The issue affects SES components handling redirects and can redirect to non-fully-qualified URLs. A fix is avail...
NCP Secure Entry Client 9.2 - Unquoted Service Paths Vulnerability
Exploit Title: NCPSecureEntryClient 9.2 - Unquoted Service Paths Exploit Author: Akif Mohamed Ik Vendor Homepage: http://software.ncp-e.com/ Software Link: http://software.ncp-e.com/NCPSecureEntryClient/Windows/9.2x/ Version: 9.2x Tested on: Windows 7 SP1 CVE : NA C:\Users\userwmic service get...
WAFW00F v1.0.0 - Detect All The Web Application Firewall!
WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering www.ncp-e.com. The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows...
[CVE-2013-2764] Secure Entry Server - URL Redirection
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Secure Entry Server SES Vendor: United Security Providers Ltd. CSNC ID: CSNC-2013-008 CVD ID: CVE-2013-2764 Subject: URL Redirection Risk: High Effect: Remotely exploitable Author: Alexandre Herzog...
USP Secure Entry Server URL Redirection
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Secure Entry Server SES Vendor: United Security Providers Ltd. CSNC ID: CSNC-2013-008 CVD ID: CVE-2013-2764 Subject: URL Redirection Risk: High Effect: Remotely exploitable Author: Alexandre Herzog Date: 18.12.2013...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse 1 dvccsabase002.dll, 2 conman.dll, 3...