16 matches found
CVE-2025-8078
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16...
VulnCheck KEV: CVE-2022-38627
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter...
Zyxel Multiple Products Code Issue Vulnerability
Zyxel USG20W-VPN and others are products of China Hopkins Zyxel. Zyxel USG20W-VPN is a firewall appliance for use in corporate environments. Zyxel ATP series firmware is a series of firewall firmwares. Zyxel USG FLEX series firmware is a series of securi...
CVE-2024-1220
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending a crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...
CVE-2023-6764
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, and USG20W-VPN series...
CVE-2023-34215 Second Order Command-injection Vulnerability in the Certificate-generation Function
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote...
CVE-2023-33239 Second Order Command-injection Vulnerability in the Key-generation Function
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to...
PT-2023-4622 · Unknown · Tn-5900 Series +1
Name of the Vulnerable Software and Affected Versions: TN-4900 Series firmware versions v1.2.4 and prior; TN-5900 Series firmware versions v3.3 and prior. Description: The issue stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious...
CVE-2022-36382
Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access...
CVE-2022-22273
CVE-2022-22273 describes an OS Command Injection in end-of-life SonicWall SRA appliances and SMA 100 series firmware (SRA 8.x and SMA 9.0.0.5-19sv / 9.0.0.9-26sv and earlier). Root cause: improper neutralization of special elements. Impact: post-auth access leading to command execution with high ...
Schneider Electric Modicon Controllers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2018-7848)
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus. This plugin only works with Tenable.ot. Please visit...
Schneider Electric Modicon Controllers Uncaught Exception (CVE-2019-6808)
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. This plugin only works with Tenable.ot...
CVE-2021-0009
Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2021-21507
Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure...
CVE-2018-11106
NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...
Siemens Mobile Phone Buffer overflow
Product: Siemens Mobile Phone. Version: All 45 series phones. OffSite: www.siemens-mobile.com. Problem: Buffer Overflow. General Description: In Siemens 45 series phones, I have found yet another...