91 matches found
CVE-2026-21620
A flaw was found in Erlang OTP tftpfile modules. This vulnerability allows an attacker to exploit a weakness in how file paths are handled, known as Relative Path Traversal. By manipulating these paths, an attacker could gain unauthorized access to sensitive files on the system, potentially leadi...
CVE-2020-24990
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...
EUVD-2008-6165
Malware in sbrugna...
EUVD-2008-1644
Malware in sbrugna...
EUVD-2020-3982
Malware in sbrugna...
EUVD-2020-17690
Malware in sbrugna...
EUVD-2008-1414
Malware in sbrugna...
EUVD-2020-4806
Malware in sbrugna...
EUVD-2008-1621
Malware in sbrugna...
EUVD-2009-0276
Malware in sbrugna...
EUVD-2023-57692
Malicious code in bioql PyPI...
Korenix JetNet Arbitrary Unauthenticated TFTP Actions (CVE-2020-12504)
Improper Authorization vulnerability of Korenix JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4510, JetNet 5310, JetNet 4706, JetNet 5428G, JetNet 6095, JetNet 4706 use an active TFTP-Service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...
Unable to Bind Provisioning Services TFTP Service to Multiple NICs
Target devices on different non-routable VLANs are unable to connect to the Provisioning Services PVS server that has a NIC bound to each of the non-routable VLANs...
CVE-2020-24990
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...
Directory traversal
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...
CVE-2020-24990
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version...
CVE-2020-12504
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an acti...
Authorization
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an acti...
CVE-2020-12504
CVE-2020-12504 is an "Improper Authorization" vulnerability affecting Pepperl+Fuchs/P+F Comtrol RocketLinx devices and Korenix JetNet/JetWave products listed in the connected documents. The NVD entry notes an active TFTP service on affected models (firmware 1.2.3 and below for some Pepperl+Fuchs/...
CVE-2020-12504 Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an acti...