28 matches found
PHOENIX CONTACT FL NAT 跨站请求伪造漏洞
PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by PHOENIX CONTACT GmbH in Germany. PHOENIX CONTACT FL NAT has a cross-site request forgeing vulnerability, which originates from the Link Aggregation configuration interface. This vulnerability may allow unverified remo...
EUVD-2017-3907
Malware in sbrugna...
EUVD-2017-15709
Malware in sbrugna...
EUVD-2024-49186
Malicious code in bioql PyPI...
EUVD-2024-49193
Malicious code in bioql PyPI...
EUVD-2024-49191
Malicious code in bioql PyPI...
EUVD-2024-49184
Malicious code in bioql PyPI...
EUVD-2024-49185
Malicious code in bioql PyPI...
EUVD-2024-49183
Malicious code in bioql PyPI...
Weidmueller Interface多款产品 安全漏洞
Weidmueller Interface E-SW-VL08MT-8TX and others are products of Weidmueller Interface, Germany.Weidmueller Interface E-SW-VL08MT-8TX is a managed network switch.Weidmueller Interface IE-SW-PL10M-3GT-7TX is an Ethernet switch.Weidmueller Interface IE-SW-PL10MT-3GT-7TX is a managed network switch....
CVE-2025-20137
A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...
CVE-2024-8458
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery CSRF. An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such...
CVE-2024-8456
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices...
CVE-2024-8453
Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords...
CVE-2024-8457
PLANET Technology switch devices are affected by a Stored XSS vulnerability in the web management interface. The issue arises from improper validation of certain web parameters, enabling a remote attacker with administrator privileges to inject arbitrary JavaScript. The vulnerability specifically...
CVE-2024-8450
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges...
CVE-2024-8448
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
CVE-2024-8449
CVE-2024-8449 affects PLANET Technology switch models, where the password recovery function contains a hard-coded credential. An unauthenticated attacker with physical access can use the serial console to reset any user’s password. The CVE entry notes hard-coded credential as the root cause and h...
PT-2024-39021 · Planet Technology · Planet Technology Switch
Name of the Vulnerable Software and Affected Versions: PLANET Technology switches affected versions not specified Description: The issue concerns the SSH service in certain switch models from PLANET Technology, which improperly handles insufficiently authenticated connection requests. This allows...
PT-2024-39019 · Planet Technology · Planet Technology Switch
Name of the Vulnerable Software and Affected Versions: PLANET Technology switches affected versions not specified Description: The issue concerns a hard-coded credential in the password recovering functionality of certain switch models from PLANET Technology. This allows an unauthenticated attack...