PT-2024-23801 · Asus · Asus Download Master

Name of the Vulnerable Software and Affected Versions: ASUS Download Master affected versions not specified Description: The upload functionality does not properly filter user input, allowing remote attackers with administrative privilege to upload any file to any location. This can include...

The vulnerability of the Cisco Web Security Appliance’s web interface allows a hacker to inject arbitrary code into the web page that is uploaded.

The vulnerability of the Cisco Web Security Appliance web interface relates to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the loaded web page remotely...

The vulnerability of the Network Configuration Transfer tool, The Expedition Migration tool—which exists due to the lack of measures taken to protect the website structure—allows a hacker to inject arbitrary JavaScript or HTML code into the uploaded web page.

The vulnerability of the Network Configuration Transfer tool exists because measures to protect the website structure have not been taken. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code into the uploaded web page...

The vulnerability of the Golden VM component in the Juniper ATP intrusion prevention system allows a intruder to inject arbitrary JavaScript code into the loaded page and gain access to protected data.

The vulnerability of the Golden VM component in the Juniper ATP intrusion prevention system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript code into the uploaded page and gain access to protected data...

The vulnerability in the web interface of the Cisco Prime Infrastructure software management tool allows a hacker to inject arbitrary code into the uploaded web page.

The vulnerability in the web interface of the Cisco Prime Infrastructure network lifecycle management software exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the loaded web pag...

The vulnerability of the UpdateSite function in the software controller for centralized control of wireless networks by D-Link Central WiFi Manager allows a intruder to inject any arbitrary code into the uploaded web page.

The vulnerability of the UpdateSite function in the software controller for D-Link Central WiFi Manager exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the uploaded web page remotely...

The vulnerability of the software controller for the centralized control of wireless networks by D-Link Central WiFi Manager arises from the lack of measures taken to protect the website structure. This allows a hacker to inject arbitrary code into the uploaded web page.

The vulnerability of the addUser function in the software controller for D-Link Central WiFi Manager exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the uploaded web page remotely...