Lucene search
+L

132 matches found

ICS
ICS
added 2019/10/08 12:0 a.m.162 views

GE Mark VIe Controller

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create...

8.8CVSS8.8AI score0.0096EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/08/02 12:0 a.m.7 views

The vulnerability of the Telnet protocol implementation in the JunOS operating system allows a hacker to circumvent the restrictions of veriexec for the operating system.

The vulnerability of the Telnet protocol implementation in the JunOS operating system is due to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to circumvent the restrictions imposed by veriexec for the operating system...

7.8CVSS5.9AI score0.00587EPSS
Exploits2References7Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.42 views

Security Bulletin: Vulnerability in SSLv3 affects Host On-Demand (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Rational Host On-Demand. Vulnerability Details CVE-ID: CVE-2014-3566 Description: Product could allow a remote attacker to obtain sensitive...

4.3CVSS1AI score0.99999EPSS
Exploits7Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.11 views

The vulnerability of the registration and accounting subsystem of the wireless access point for Moxa AWK-3131A industrial systems allows a intruder to execute arbitrary commands with root privileges.

The vulnerability of the registration and accounting subsystem of the wireless access point for Moxa AWK-3131A industrial systems exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious act...

10CVSS5.9AI score0.12169EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/03/17 12:0 a.m.46 views

CVE-2017-3881

A vulnerability in the Cisco Cluster Management Protocol CMP processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes...

10CVSS3.4AI score0.98975EPSS
In wildExploits12References9
Prion
Prion
added 2017/03/06 2:59 a.m.16 views

Hardcoded credentials

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

9.3CVSS7.9AI score0.07117EPSS
Exploits4References3Affected Software1
NVD
NVD
added 2017/03/06 2:59 a.m.22 views

CVE-2017-6351

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

9.3CVSS8AI score0.07117EPSS
Exploits4References3
Cvelist
Cvelist
added 2017/03/06 2:0 a.m.24 views

CVE-2017-6351

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

8AI score0.07117EPSS
Exploits4References3
CVE
CVE
added 2017/03/06 2:0 a.m.57 views

CVE-2017-6351

WePresent WiPG-1500 devices (firmware up to 1.0.3.7) contain a hardcoded manufacturer account with a username/password. When DEBUG mode is enabled, an attacker can connect via telnet (port 5885) and log in using the hardcoded account abarco . This account is not documented, nor is the DEBUG featu...

9.3CVSS7.9AI score0.07117EPSS
Exploits4References3Affected Software1
0day.today
0day.today
added 2017/03/01 12:0 a.m.52 views

WePresent WiPG-1500 - Backdoor Account Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or...

9.3CVSS0.1AI score0.07117EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/03/01 12:0 a.m.60 views

WePresent WiPG-1500 Backdoor Account

Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software Link:...

8.2AI score0.07117EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of the Windows operating system, which allows a malicious individual to intercept confidential information

Data related to Telnet protocol in the Windows operating system is transmitted in an unencrypted form. This allows a remote malicious individual to intercept confidential information, including user names and passwords, by analyzing network traffic...

5CVSS5.5AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.7 views

The vulnerability of the microprogrammed software of Hospira Lifecare PCA allows a intruder to gain control over the device.

The vulnerability of Hospira Lifecare PCA medical equipment’s microprogramming software lies in the lack of authentication when connecting via Telnet protocol on port 23. Exploiting this vulnerability can allow a malicious actor to gain control over the device remotely...

10CVSS7.2AI score0.05162EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2014/11/05 12:0 a.m.39 views

Softing FG-100 PB Hardcoded Backdoor

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Softing FG-100 PB Vendor: Softing AG www.softing.com CVD ID: CVE-2014-6617 Subject: Backdoor Account Risk: High Effect: Remotely exploitable Author: Ingmar Rosenhagen Daniel Marzin Johannes Klick Date: 05.11.2014...

8.1CVSS0.1AI score0.04452EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2014/09/04 12:0 a.m.18 views

Telnet TN3270E Protocol Detection

Binary data 8378.prm...

7.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2013/06/13 12:0 a.m.29 views

Grandstream Backdoor / Cross Site Request Forgery / Cross Site Scripting

=============================================================================== GRANDSTREAM ==================================================================== =============================================================================== 1.Advisory Information Title: Grandstream Series...

6.8CVSS0.2AI score0.02602EPSS
Exploits2
Saint
Saint
added 2012/02/11 12:0 a.m.87 views

Telnetd Encryption Key ID Code Execution

Added: 02/11/2012 CVE: CVE-2011-4862 BID: 51182 OSVDB: 78020 Background Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. Problem The flaw is caused due to a...

10CVSS7.1AI score0.95104EPSS
Exploits19
Saint
Saint
added 2012/02/11 12:0 a.m.137 views

Telnetd Encryption Key ID Code Execution

Added: 02/11/2012 CVE: CVE-2011-4862 BID: 51182 OSVDB: 78020 Background Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. Problem The flaw is caused due to a...

10CVSS7AI score0.95104EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2011/12/27 12:0 a.m.44 views

FreeBSD : krb5-appl -- telnetd code execution vulnerability (4ddc78dc-300a-11e1-a2aa-0016ce01e285)

The MIT Kerberos Team reports : When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. Also see MITKRB5-SA-2011-008. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

10CVSS5.5AI score0.95104EPSS
Exploits19References4
FreeBSD
FreeBSD
added 2011/12/23 12:0 a.m.42 views

krb5-appl -- telnetd code execution vulnerability

The MIT Kerberos Team reports: When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. Also see MITKRB5-SA-2011-008...

10CVSS7AI score0.95104EPSS
Exploits19References2
Rows per page
Query Builder