328 matches found
CVE-2019-7715
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf. Setting this variable using the sysvar command results in a...
CVE-2002-2372
The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service crash via a long username, possibly due to a buffer overflow...
Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...
RHEL 5 : telnet-server (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - telnet-server: no bounds checks in nextitem function allows to remotely execute arbitrary code CVE-2020-10188 Note...
Exploit for OS Command Injection in Lg Webos
Root my webOS TV A simple python script that starts a telnet...
Ubuntu: Security Advisory (USN-5048-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-4390
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions...
The vulnerability of the Iota All-In-One Security Kit’s Telnet server allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Iota All-In-One Security Kit’s Telnet server lies in the ability to use strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information through the TCP port 55023...
CVE-2022-3203
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
Hardcoded credentials
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
CVE-2022-3203 ORing net IAP-420(+) Hidden Functionality
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
CVE-2022-3203 ORing net IAP-420(+) Hidden Functionality
On ORing net IAP-420+ with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
Hardcoded credentials
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
CVE-2022-38394
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to increase their privileges.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the presence of undocumented commands. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...
The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.
The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary shell commands on the target syste...
PT-2022-4624 · Centrecom · Centrecom Ar260S V2
Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to the use of hard-coded credentials for the telnet server, allowing a remote unauthenticated attacker to execute an arbitrary OS command. This could...