Lucene search
K

377 matches found

Cvelist
Cvelist
added 2025/01/02 12:0 a.m.30 views

CVE-2024-56829

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx...

10CVSS0.00556EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 a.m.10 views

CVE-2024-56829

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx...

10CVSS7AI score0.00556EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/13 12:0 a.m.7 views

TP-LINK VN020 Buffer Overflow Vulnerability

The TP-LINK VN020 is a wireless modem from China P&L TP-LINK. A security vulnerability exists in TP-Link VN020 F3vT TTV6.2.1021 version, which originates from a buffer overflow in the parameter NewConnectionType in the component SOAP request handler. An attacker can exploit this vulnerability to...

8.8CVSS7.4AI score0.04719EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.5 views

The vulnerability of the SOAP request handler in the microprogramming software for TP-Link Wi-Fi routers VN020 F3v(T) allows a hacker to trigger a service failure.

The vulnerability of the SOAP request handler in the microprogramming software for TP-Link Wi-Fi routers, model VN020 F3vT, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

8.8CVSS6.9AI score0.04719EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.9 views

The vulnerability of the Incomplete SOAP Request Handler component in TP-Link VN020 F3v(T) software, a wireless router, allows a malicious actor to trigger a service failure.

The vulnerability of the Incomplete SOAP Request Handler component in the TP-Link VN020 F3vT wireless router software relates to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failure remotely...

6.5CVSS6.5AI score0.08886EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2024/12/08 10:15 a.m.11 views

CVE-2024-12343

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

8.8CVSS6.1AI score0.04719EPSS
Exploits0References5
NVD
NVD
added 2024/12/08 10:15 a.m.36 views

CVE-2024-12343

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

8.8CVSS0.04719EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/08 9:31 a.m.56 views

CVE-2024-12343 TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

7.1CVSS0.04719EPSS
Exploits0References5
CVE
CVE
added 2024/12/08 9:31 a.m.869 views

CVE-2024-12343

TP-Link VN020 F3v(T) TT_V6.2.1021 is affected, specifically the SOAP Request Handler’s /control/WANIPConnection component where manipulating the NewConnectionType argument triggers a buffer overflow. This vulnerability requires local-network access and has public exploitation information, with po...

8.8CVSS6.7AI score0.04719EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/12/08 7:15 a.m.38 views

CVE-2024-12342

A vulnerability was found in TP-Link VN020 F3vT TTV6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiat...

7.1CVSS0.08886EPSS
Exploits2References4
CVE
CVE
added 2024/12/08 6:31 a.m.105 views

CVE-2024-12342

TP-Link VN020 F3v(T) TT_V6.2.1021 has a high-severity vulnerability in the Incomplete SOAP Request Handler for the WANIPConnection UPnP service. The issue enables denial of service via malformed SOAP requests, exploitable from the local network. Public PoCs and exploit details exist (e.g., Exploi...

7.1CVSS6.4AI score0.08886EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/12/08 12:0 a.m.8 views

PT-2024-9331 · Tp Link · Tp-Link Vn020 F3V

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3vT version TT V6.2.1021 Description: A critical vulnerability has been found in the TP-Link VN020 F3vT router. The issue is related to the SOAP Request Handler component, specifically an unknown function of the file...

8.8CVSS6.8AI score0.04719EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/12/08 12:0 a.m.5 views

PT-2024-9297 · Tp Link · Tp-Link Vn020 F3V

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3vT version TT V6.2.1021 Description: A critical issue affects the Incomplete SOAP Request Handler component, specifically the processing of the file /control/WANIPConnection. This can lead to denial of service when exploited...

7.1CVSS6.3AI score0.08886EPSS
Exploits2References15
CNNVD
CNNVD
added 2024/12/08 12:0 a.m.5 views

TP-LINK VN020 安全漏洞

The TP-LINK VN020 is a wireless modem from China P&L TP-LINK. A security vulnerability exists in TP-Link VN020 F3vT TTV6.2.1021 version, which originates from a buffer overflow in the parameter NewConnectionType in the component SOAP request handler. An attacker can exploit this vulnerability to...

8.8CVSS7.3AI score0.04719EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2024/10/11 12:0 a.m.321 views

Chamilo 1.11.18 Code Injection

============================================================================================================================================= | Title : Chamilo 1.11.18 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits ...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2024/07/09 7:55 p.m.280 views

Ivanti EPM RecordGoodApp SQLi RCE

Ivanti Endpoint Manager EPM 2022 SU5 and prior are vulnerable to unauthenticated SQL injection which can be leveraged to achieve unauthenticated remote code execution. Module Options msf use exploit/windows/http/ivantiepmrecordgoodappsqlirce msf exploitivantiepmrecordgoodappsqlirce show targets...

9.6CVSS10AI score0.99951EPSS
Exploits5
0day.today
0day.today
added 2024/07/09 12:0 a.m.190 views

Ivanti EPM RecordGoodApp SQL Injection / Remote Code Execution Exploit

Ivanti Endpoint Manager EPM 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

8.8CVSS9.4AI score0.99951EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/07/09 12:0 a.m.308 views

Ivanti EPM RecordGoodApp SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti EPM RecordGoodApp SQLi RCE', 'Description' = %q Ivanti Endpoint Manager EPM 2022 SU5 and prior are vulnerable to unauthenticated SQL...

9.6CVSS7.4AI score0.99951EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2024/05/31 12:0 a.m.25 views

CVE-2024-29824

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. Recent assessments: cdelafuente-r7 at July 23, 2024 8:10am UTC reported: Ivanti Endpoint Manager EPM versions 2022 SU5 a...

9.6CVSS9.1AI score0.99951EPSS
In wildExploits5References3
BDU FSTEC
BDU FSTEC
added 2024/05/13 12:0 a.m.7 views

The vulnerability of the hnap_main() function in D-Link DIR-845L router microprogramming software allows a hacker to bypass security restrictions and execute arbitrary commands.

The vulnerability of the hnapmain function in D-Link DIR-845L router microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system’s command for processing the SOAP request purenetworks.com/HNAP1/GetDeviceSettings. Exploiting this...

5.8CVSS8.3AI score0.06457EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder