14901 matches found
CVE-2021-28909
The connected records confirm that BAB TECHNOLOGIE GmbH eibPort V3 prior versions (≤3.9.1) are affected by an unauthenticated brute-force exposure of the login service at /webif/SecurityModule. An attacker could leverage weak/default credentials (admin) to gain access and, per Red Hat/NVD referen...
CVE-2021-28909
BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows unauthenticated attackers uncontrolled access to the login service at /webif/SecurityModule in a brute-force attack. The password could be weak and the default username is known to be 'admin'. This is usable and part of an attack chain to gain SS...
CVE-2021-34718
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
Input validation
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
CVE-2021-34718 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
CVE-2021-34718
Cisco IOS XR Software contains an Arbitrary File Read/Write vulnerability in the SSH Server, exploitable by an authenticated, remote attacker via crafted SCP parameters during login. The issue stems from insufficient input validation of user-supplied arguments for the SCP file-transfer method, en...
BAB TECHNOLOGIE GmbH eibPort Security Vulnerability
BAB TECHNOLOGIE GmbH eibPort is an application from BAB TECHNOLOGIE GmbH, Germany, for managing smart furniture devices. A security vulnerability exists in BAB TECHNOLOGIE GmbH eibPort V3, which stems from a vulnerability in versions prior to 3.9.1 that...
PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)
A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code. The Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is...
Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
TREVORspray - A Featureful Round-Robin SOCKS Proxy And Python O365 Sprayer Based On MSOLSpray Which Uses The Microsoft Graph API
TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. TREVORspray is a featureful Python O365 sprayer based on MSOLSpray which uses the Microsoft Graph API. By @thetechr0mancer. Microsoft is getting better and better about blocking password spraying attacks against O365...
ECOA Building Automation System Hard-coded Credentials SSH Access
Summary: The Risk-Terminator Web Graphic control BEMS (Building Energy Management System) are designed to provide you with the latest in Human Machine Interface (HMI) technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...
CVE-2021-27022
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...
Design/Logic Flaw
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes...
CVE-2021-27022
CVE-2021-27022 affects bolt-server and ace; vulnerable on SSH/WinRM inventory service nodes where running a task with sensitive parameters causes those parameters to be logged. The issue is described consistently across Red Hat, NVD/NVD feed, Ubuntu, Debian, and OSV/etc. The provided documents do...
Debian DLA-2755-1 : btrbk - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2755 advisory. An issue has been found in btrbk, a backup tool for btrfs subvolumes. Due to mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys an...
[SECURITY] [DLA 2755-1] btrbk security update
Debian LTS Advisory DLA-2755-1. https://www.debian.org/lts/security/ Thorsten Alteholz, September 05, 2021. https://wiki.debian.org/LTS ...