4 matches found
CVE-2020-7336
Cross Site Request Forgery vulnerability in McAfee Network Security Management NSM prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request...
CVE-2020-1630 Junos OS: Privilege escalation vulnerability in dual REs, VC or HA cluster may allow unauthorized configuration change.
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines RE, Virtual Chassis VC or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. This...
Cisco Transport Gateway for Smart Call Home Unauthorized Configuration Change Vulnerability
A vulnerability in the web framework code of Cisco Transport Gateway for Smart Call Home TG-SCH could allow an unauthenticated, remote attacker to make certain changes to the system. The vulnerability is due to improper implementation of authorization controls when accessing certain administrativ...
Xerox WorkCentre WebUI远程命令注入漏洞
Xerox WorkCentre是一款数码打印复印一体机。 WorkCentre的TCP/IP主机名存在WebUI命令注入漏洞,允许攻击者绕过认证远程执行任意软件。如果成功利用的话,攻击者可以非授权更改系统配置。 Xerox WorkCentre Pro 275 Xerox WorkCentre Pro 265 Xerox WorkCentre Pro 255 Xerox WorkCentre Pro 245 Xerox WorkCentre Pro 238 Xerox WorkCentre Pro 232 Xerox WorkCentre 275 Xerox WorkCentre 26...