CVE-2018-18471

/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can be triggered by anyone who knows the IP address of the affected device...

CVE-2018-18471

The vulnerability CVE-2018-18471 affects the endpoint /api/2.0/rest/aggregator/xml in Axentra Hipserv firmware used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud. The issue is an XXE flaw that can be chained with an SSRF bug to achieve remote command execution as root, exploitable b...

CVE-2018-18471

/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can be triggered by anyone who knows the IP address of the affected device...

PT-2018-2497 · Medion +3 · Medion Lifecloud Nas +3

Name of the Vulnerable Software and Affected Versions: Seagate GoFlex Home affected versions not specified Medion LifeCloud NAS affected versions not specified Netgear Stora affected versions not specified Description: The issue is related to an incorrect restriction of XML links to external...

extranet.portal.storaenso.com XSS vulnerability

Open Bug Bounty ID: OBB-161691 Description| Value ---|--- Affected Website:| extranet.portal.storaenso.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...

PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author Discovered by: Jason Ostrom...