CVE-2024-14007 TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...

Splunk Free Detection

Splunk Free is running on the remote host. Splunk Free allows uncredentialed access, and anyone who connects will automatically be logged on as 'admin'. A remote attacker can exploit this to gain administrative access to the application. Splunk is a search, monitoring, and reporting tool for syst...

Trapeze Service Shell - Admin Service Accessible

The remote web server is a Trapeze Service Shell, the application server component included with various products from Trapeze Software, Inc., such as their traveller information systems for providing public bus and train route information. The remote Trapeze Service Shell has not been securely...

Cabletron WebView Administrative Access

This host is a Cabletron switch and is running Cabletron WebView. This web software provides a graphical, real-time representation of the front panel on the switch. This graphic, along with additionally defined areas of the browser interface, allow you to interactively configure the switch, monit...