CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
Command injection
Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...
CVE-2014-5432
Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...
CVE-2018-14666
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions...
Design/Logic Flaw
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. I...
CVE-2017-7917
A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell...
Authentication flaw
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for...
CVE-2017-3831
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for...
Cross-site request forgery (CSRF)
An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. There is no CSRF Token generated to authenticate the user during a session. Successful exploitation of this vulnerability ca...
CVE-2016-5809
Schneider Electric IONXXXX Series Power Meters (ION73XX, ION75XX, ION76XX, ION8650, ION8800, PM5XXX) are affected by CVE-2016-5809 due to lack of a CSRF token during sessions. This enables unauthorized configuration changes to be made and saved. Public materials (e.g., Exploit-DB, Packet Storm, T...
CVE-2016-7991
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542...
Cisco Nexus 9000 Series APIC Access Control Vulnerability (CSCut12998)
The remote Cisco Nexus 9000 Series device is affected by an access control vulnerability in the Cisco Application Policy Infrastructure Controller (APIC) due to a flaw in the eligibility logic of the role-based access control (RBAC) code. An authenticated, remote attacker can exploit this, via...
Cisco Prime Service Catalog Web Interface Unauthorized Access Vulnerability
Cisco Prime Service Catalog provides a self-service portal, service request management, and IT service catalog for the data center. A security vulnerability exists in the web interface of Cisco Prime Service Catalog. A remote attacker could exploit this vulnerability to perform configuration...
Baxter SIGMA Spectrum Infusion System Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 30, 2015, and is being released to the NCCIC/ICS-CERT web site. Researcher Jared Bird with Allina IS Security identified four vulnerabilities in Baxter’s SIGMA Spectrum Infusion System. Baxter has released a...
Cisco Transport Gateway for Smart Call Home Unauthorized Configuration Change Vulnerability
A vulnerability in the web framework code of Cisco Transport Gateway for Smart Call Home (TG-SCH) could allow an unauthenticated, remote attacker to make certain changes to the system. The vulnerability is due to improper implementation of authorization controls when accessing certain administrativ...
Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20090727-wlc)
The remote Cisco Wireless LAN Controller WLC is affected by one or more of the following vulnerabilities: - Malformed HTTP or HTTPS authentication response Denial of Service CVE-2009-1164 - SSH connections Denial of Service CVE-2009-1165 - Crafted HTTP or HTTPS request Denial of Service...
NETGEAR WPN824v3 - Unauthorized Configuration Download
Title: Netgear WPN824v3 Unauthorized Config Download. Date: 2013-06-03. Introduction: The Netgear RangeMax Wireless Router model WPN824v3 allows the config file to be downloaded without authorization. Status: ...
Cisco SRP 500 multiple security vulnerabilities
Command injection, directory traversal, unauthorized configuration upload...