Lucene search
K

10 matches found

OSV
OSV
added 2026/01/07 9:15 p.m.5 views

CVE-2025-61939

An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker...

4.4CVSS5.8AI score0.00241EPSS
Exploits0References2
NVD
NVD
added 2026/01/07 9:15 p.m.7 views

CVE-2025-61939

An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker...

8.8CVSS0.00241EPSS
Exploits0References2
CVE
CVE
added 2026/01/07 7:56 p.m.16 views

CVE-2025-61939

CVE-2025-61939 concerns Columbia Weather Systems MicroServer. An unused function can initiate a reverse SSH connection to a vendor-registered domain without mutual authentication. An attacker on a local network with admin access to the MicroServer web portal and the ability to manipulate DNS resp...

8.8CVSS6.2AI score0.00241EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/07 7:56 p.m.23 views

CVE-2025-61939 Columbia Weather Systems MicroServer Improper Restriction of Communication Channel to Intended Endpoints

An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker...

8.8CVSS0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.9 views

PT-2026-1835

Name of the Vulnerable Software and Affected Versions MicroServer affected versions not specified Description An unused function in MicroServer can initiate a reverse SSH connection to a vendor-registered domain without mutual authentication. An attacker with local network access and administrati...

8.8CVSS6.1AI score0.00241EPSS
Exploits0References8
Huntr
Huntr
added 2022/07/27 11:31 a.m.14 views

UnAuthenticated SQL Injection

Proof of Concept POC: Vendor Domain Print version: https://yeswiki.net/?AccueiL/rss&id=1%27+and+extractvalue0x0a,concat0x0a,select+version--+- Print Database: https://yeswiki.net/?AccueiL/rss&id=1%27+and+extractvalue0x0a,concat0x0a,select+database--+- Print User:...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.53 views

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit

Exploit for Android platform in category dos / poc This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain...

7.2CVSS0.1AI score0.00753EPSS
Exploits2
Prion
Prion
added 2009/09/04 10:30 a.m.17 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack vectors related to "very important security fixes," possibly involving update notifications and a domain that is no longer controlled by the vendor...

10CVSS7.3AI score0.01541EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/09/04 10:0 a.m.26 views

CVE-2008-7164

Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack vectors related to "very important security fixes," possibly involving update notifications and a domain that is no longer controlled by the vendor...

6.8AI score0.01541EPSS
Exploits0References5
CVE
CVE
added 2009/09/04 10:0 a.m.46 views

CVE-2008-7164

Shareaza (before 2.3.1.0) is affected by a vulnerability described as an update notification spoofing issue. The OpenVAS entry refers to a vulnerability in Shareaza Update Notification Spoofing Vulnerability, and the NVD entry lists CVSS v2.0 base metrics of AV:N/AC:L/Au:N/C:C/I:C/A:C with a base...

10CVSS7AI score0.01541EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder