Lucene search
K

5 matches found

Cvelist
Cvelist
added 2023/03/27 8:46 p.m.46 views

CVE-2023-28640 Permissions bypass in Apiman could enable authenticated attacker to unpermitted API Key

Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organisation ID, Client...

6.4CVSS6.6AI score0.0034EPSS
Exploits0References2
0day.today
0day.today
added 2021/05/27 12:0 a.m.97 views

CommScope Ruckus IoT Controller 1.7.1.0 Undocumented Account Vulnerability

An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy SCP. 1. Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-798:...

9.8CVSS0.5AI score0.13773EPSS
Exploits5
KoreLogic Security
KoreLogic Security
added 2021/05/26 12:0 a.m.35 views

CommScope Ruckus IoT Controller Undocumented Account

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-798: Use of Hard-coded Credentials, CWE-912: Hidden Functionality CVE ID: CVE-2021-33216 2. Vulnerability Description An upgrade...

9.8CVSS0.7AI score0.13773EPSS
Exploits4Affected Software1
OSV
OSV
added 2017/07/22 9:29 p.m.4 views

CVE-2017-7336

A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges...

9.8CVSS5.9AI score0.02464EPSS
Exploits0References2
CNVD
CNVD
added 2017/07/05 12:0 a.m.4 views

Fortinet FortiWLM Command Execution Vulnerability

Fortinet FortiWLM is a wireless network device management platform developed by the U.S. Fiat Fortinet. A security vulnerability exists in the hard-coded password account named 'upgrade' in Fortinet FortiWLM 8.3.0 and prior versions. A remote attacker could exploit this vulnerability to execute...

9.8CVSS7.5AI score0.02464EPSS
Exploits0References1
Rows per page
Query Builder