Lucene search
K

197 matches found

Vulnrichment
Vulnrichment
added 2022/04/20 3:30 p.m.8 views

CVE-2022-1039 ICSA-22-104-03 Red Lion DA50N

The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the...

9.6CVSS9.6AI score0.01172EPSS
Exploits0References1
Talos
Talos
added 2022/02/28 12:0 a.m.71 views

Swift Sensors Gateway device password generation authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Version...

10CVSS10AI score0.0581EPSS
Exploits1
NVD
NVD
added 2022/02/17 1:15 p.m.17 views

CVE-2022-22899

Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service DoS via a crafted packet through the SSH service...

5.5CVSS0.00863EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2021/11/19 9:27 a.m.42 views

FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug

The U.S. Federal Bureau of Investigation FBI has disclosed that an unidentified threat actor has been exploiting a previously unknown weakness in the FatPipe MPVPN networking devices at least since May 2021 to obtain an initial foothold and maintain persistent access into vulnerable networks,...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2021/06/29 2:33 p.m.17 views

CVE-2021-31505

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

6.8CVSS7AI score0.00551EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2021/06/14 12:0 a.m.66 views

Arlo Q Plus SSH Use of Hard-coded Credentials Privilege Escalation Vulnerability

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mode where...

6.8CVSS3.8AI score0.00551EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.10 views

The vulnerability of the SSH service on Cisco StarOS allows a hacker to trigger a service failure.

The vulnerability of the SSH service on Cisco StarOS is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.3CVSS7.2AI score0.0145EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/02/18 12:0 a.m.6 views

Cisco StarOS Denial of Service Vulnerability (CNVD-2021-13233)

Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. A denial of service vulnerability exists in the SSH service for Cisco StarOS 21.9.0 - 21.19.10. The vulnerability stems from a logic error that can occur under certain traffic...

7.5CVSS6.7AI score0.0145EPSS
Exploits0References1
NVD
NVD
added 2021/02/17 5:15 p.m.19 views

CVE-2021-1378

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerability is due to a logic error that may occur under specific...

7.5CVSS0.0145EPSS
Exploits0References1
Prion
Prion
added 2021/02/17 5:15 p.m.17 views

Race condition

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerability is due to a logic error that may occur under specific...

5CVSS7.5AI score0.0145EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/17 4:55 p.m.20 views

CVE-2021-1378 Cisco StarOS Denial of Service Vulnerability

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerability is due to a logic error that may occur under specific...

5.3CVSS7.7AI score0.0145EPSS
Exploits0References1
Cisco
Cisco
added 2021/02/17 4:0 p.m.70 views

Cisco StarOS Denial of Service Vulnerability

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerability is due to a logic error that may occur under specific...

5.3CVSS6.3AI score0.0145EPSS
Exploits0References1
NVD
NVD
added 2020/08/21 7:15 p.m.14 views

CVE-2019-11862

The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying...

8.4CVSS8.2AI score0.00669EPSS
Exploits0References1
Prion
Prion
added 2020/08/21 7:15 p.m.11 views

Code injection

The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying...

4.6CVSS8.3AI score0.00669EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/08/21 6:53 p.m.53 views

CVE-2019-11862

The CVE affects the ALEOS SSH service prior to 4.12.0, 4.9.5, and 4.4.9, where the SSH service allows traffic proxying. The provided data includes CVSSv3.1 metrics (AV:L, AC:L, PR:N, UI:N, S:U; C/H/I/H/A/H; base 8.4) and CVSSv2 metrics (base 4.6) indicating HIGH impact on confidentiality, integri...

8.4CVSS8.2AI score0.00669EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/07/29 7:15 p.m.28 views

CVE-2020-5763

Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt...

9CVSS8.6AI score0.02726EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/04/08 7:25 p.m.24 views

CVE-2020-1616 JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.

Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention JATP Series and Virtual JATP vJATP devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of th...

5.3CVSS5.5AI score0.01393EPSS
Exploits0References1
NVD
NVD
added 2020/03/05 4:15 p.m.22 views

CVE-2020-8994

An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAOMI...

7.2CVSS6.7AI score0.00559EPSS
Exploits1References3
NVD
NVD
added 2019/10/09 9:15 p.m.32 views

CVE-2019-15017

The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials...

8.4CVSS8.2AI score0.00356EPSS
Exploits0References1
Prion
Prion
added 2019/10/09 9:15 p.m.12 views

Hardcoded credentials

The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials...

7.2CVSS8.1AI score0.00356EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder