Lucene search
K

32 matches found

Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.4 views

PT-2024-29989 · Hughes Network Systems +1 · Wl3000 Fusion +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves credentials to access device configuration being transmitted using an unencrypted protocol. This allows read-only access to network...

7.5CVSS6.9AI score0.00299EPSS
Exploits0References7
Prion
Prion
added 2023/01/05 10:15 p.m.19 views

Design/Logic Flaw

Communication between the client and the server application of the affected products is partially done using CORBA Common Object Request Broker Architecture over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...

7.5CVSS9.5AI score0.00389EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/01/05 9:54 p.m.7 views

CVE-2022-3929 Communication between the client and server partially using CORBA over TCP/IP

Communication between the client and the server application of the affected products is partially done using CORBA Common Object Request Broker Architecture over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...

8.3CVSS8.4AI score0.00389EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/05/18 6:36 p.m.27 views

Stalkerware Apps Riddled with Security Bugs

Android stalkerware apps – used to surreptitiously track people’s movements and digital activities – turn out to themselves be rife with security holes that put victims in even danger. Stalkerware can track the GPS location of a victim’s device, record conversations, capture images and snoop on...

8.4AI score
Exploits0References6
CNVD
CNVD
added 2018/05/31 12:0 a.m.3 views

poco code execution vulnerability

poco is an open source C++ class library for building web-based applications on servers, desktops and embedded systems. A security vulnerability exists in poco that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...

9.3CVSS7.2AI score0.01752EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/10 12:0 a.m.6 views

Dahua DHI-HCVR7216A-S3 Man-in-the-Middle Attack Vulnerability

Dahua DHI-HCVR7216A-S3 is a network DVR product from China Dahua Dahua. A man-in-the-middle attack vulnerability exists in Dahua DHI-HCVR7216A-S3 V3.210.0001.10 build 2016-06-06. As the Dahua DVR protocol running on TCP port 37777 is an unencrypted binary protocol. It allows an attacker to create...

9.3CVSS6.7AI score0.01025EPSS
Exploits0References1
NVD
NVD
added 2017/03/09 5:59 p.m.25 views

CVE-2017-6432

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...

9.3CVSS7.9AI score0.01025EPSS
Exploits0References2
OSV
OSV
added 2017/03/09 5:59 p.m.4 views

CVE-2017-6432

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...

8.1CVSS5.8AI score0.01025EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2015/05/29 12:0 a.m.37 views

ESC 8832 Data Controller Session Hijacking

=begin Exploit Title: ESC 8832 Data Controller multiple vulnerabilities Date: 2014-05-29 Platform: SCADA / Web Application Exploit Author: Balazs Makany Vendor Homepage: www.envirosys.com Version: ESC 8832 Data Controller Hardware Tested on: ESC 8832 Data Controller Hardware CVE : N/A Yet POC for...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2015/05/29 12:0 a.m.33 views

ESC 8832 Data Controller - Multiple Vulnerabilities

ESC 8832 Data Controller - Multiple Vulnerabilities =begin Exploit Title: ESC 8832 Data Controller multiple vulnerabilities Date: 2014-05-29 Platform: SCADA / Web Application Exploit Author: Balazs Makany Vendor Homepage: www.envirosys.com Version: ESC 8832 Data Controller Hardware Tested on: ESC...

0.6AI score
Exploits0
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.21 views

CVE-2005-4704

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent across the network...

6.9AI score0.01314EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2002/03/13 12:0 a.m.949 views

X Display Manager Control Protocol (XDMCP) Detection

The X Display Manager Control Protocol XDMCP service allows a Unix user to remotely obtain a graphical X11 login and therefore act as a local user on the remote host. If an attacker can gain a valid login and password, this service could be used to gain further access on the remote host. An...

5.7AI score
Exploits0
Rows per page
Query Builder