Lucene search
K

34 matches found

Vulnrichment
Vulnrichment
added 2024/06/25 8:1 p.m.21 views

CVE-2024-5011 WhatsUp Gold TestController Chart denial of service vulnerability

In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service...

7.5CVSS6.9AI score0.47092EPSS
Exploits0References3
CVE
CVE
added 2024/06/25 8:0 p.m.55 views

CVE-2024-5010

Progress Software’s WhatsUp Gold TestController contains an information-disclosure vulnerability (CVE-2024-5010) affecting versions such as 23.1.0 Build 1697 prior to 23.1.3. An unauthenticated HTTP request can disclose sensitive data (e.g., Devices and NetworkInterfaces), enabling disclosure of ...

7.5CVSS7.4AI score0.69952EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/05/29 3:35 p.m.26 views

CVE-2023-46297

An issue was discovered on Mercusys MW325R EU V3 MW325REUV31.11.0 221019 devices. A WAN attacker can make the admin interface unreachable/invisible via an unauthenticated HTTP request. Verification of the data sent by the user does not occur. The web server does not crash, but the admin interface...

6.6AI score0.00157EPSS
Exploits0References1
CVE
CVE
added 2024/05/29 3:35 p.m.87 views

CVE-2023-46297

CVE-2023-46297 affects Mercusys MW325R EU V3 (firmware 1.11.0 221019). An unauthenticated HTTP request can render the admin interface unreachable/invisible; data verification is not performed, and affected UI files become unavailable. The web server remains up, but the admin UI is hidden, typical...

5.1CVSS6.9AI score0.00157EPSS
Exploits0References1
NVD
NVD
added 2023/06/23 12:15 p.m.16 views

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

9.8CVSS9.9AI score0.9425EPSS
Exploits15References4
Cvelist
Cvelist
added 2022/02/14 8:15 p.m.25 views

CVE-2021-45310

Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted b...

5.5AI score0.00898EPSS
Exploits1References1
NVD
NVD
added 2020/07/28 3:15 p.m.20 views

CVE-2020-13914

webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service Segmentation fault to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300,...

7.5CVSS7.5AI score0.02287EPSS
Exploits0References1
Prion
Prion
added 2020/07/28 3:15 p.m.16 views

Improper access control

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information that can be used for a jailbreak via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R71...

5CVSS7.5AI score0.02361EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/28 2:46 p.m.24 views

CVE-2020-13918

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information that can be used for a jailbreak via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R71...

7.5AI score0.02361EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/28 2:46 p.m.26 views

CVE-2020-13914

webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service Segmentation fault to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300,...

7.5AI score0.02287EPSS
Exploits0References1
NVD
NVD
added 2020/01/22 9:15 p.m.16 views

CVE-2019-19840

A stack-based buffer overflow in zapparseargs in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request...

9.8CVSS10AI score0.04126EPSS
Exploits1References3
NVD
NVD
added 2020/01/22 7:15 p.m.29 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

9.8CVSS9.6AI score0.0182EPSS
Exploits1References3
Prion
Prion
added 2020/01/22 7:15 p.m.21 views

Design/Logic Flaw

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

7.5CVSS9.5AI score0.0182EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2017/06/29 12:29 a.m.16 views

Authorization

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star aka Swisscom Internet-Box devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to denial of service and information disclosure...

5CVSS6.9AI score0.0095EPSS
Exploits0References1
Rows per page
Query Builder