10 matches found
CVE-2024-36555
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh and Forever KidsWatch Call Me 2 KW-60 R36CWYDES4A292V1.02023.05.2422.49.44cobb allows malicious users to change the device IMEI-number which allows for forging the identity of the device...
CVE-2024-36555
CVE-2024-36555 affects Forever KidsWatch Call Me KW50 and KW-60. The issue stems from a built-in SMS-configuration command that allows unverified SMS privileges to change the device IMEI, enabling forging the device identity. Affected components: the SMS configuration pathway in the COB_h/COB_b v...
CVE-2024-36555
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh and Forever KidsWatch Call Me 2 KW-60 R36CWYDES4A292V1.02023.05.2422.49.44cobb allows malicious users to change the device IMEI-number which allows for forging the identity of the device...
CVE-2024-36555
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36YDRA3PWGM7SV1.02019071516.19.24cobh and Forever KidsWatch Call Me 2 KW-60 R36CWYDES4A292V1.02023.05.2422.49.44cobb allows malicious users to change the device IMEI-number which allows for forging the identity of the device...
CVE-2022-4312
A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service SMS accounts configuration files to discover the associated simple mail transfer protocol SMTP account...
Zammad Information Disclosure Vulnerability (CNVD-2020-75060)
Zammad is a Web-based open source helpdesk/customer support system. An information disclosure vulnerability exists in Zammad versions prior to 3.4.1. The vulnerability stems from the way Massenversand's implementation of the SMS configuration interface presents the results of test requests to the...
CVE-2020-26032
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may le...
Server side request forgery (ssrf)
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may le...
CVE-2020-26032
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may le...
Zammad 代码问题漏洞
Zammad is a Web-based open source helpdesk/customer support system. An information disclosure vulnerability exists in Zammad versions prior to 3.4.1. The vulnerability stems from the way Massenversand's implementation of the SMS configuration interface presents the results of test requests to the...