Lucene search
K

104 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:5 a.m.10 views

CVE-2012-2439

The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors...

7.5CVSS7.7AI score0.02205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/27 1:58 p.m.23 views

CVE-2024-6199

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS DDNS traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem. Customers that have not enabled Dynamic DNS on their modem...

7.7CVSS8AI score0.00167EPSS
Exploits0References1
NVD
NVD
added 2025/04/25 1:15 p.m.22 views

CVE-2024-6199

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS DDNS traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem. Customers that have not enabled Dynamic DNS on their modem...

7.7CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2025/04/25 1:2 p.m.77 views

CVE-2024-6199

CVE-2024-6199 describes an unauthenticated remote code execution vector on the WAN interface via interception of Dynamic DNS (DDNS) traffic, enabling an attacker to inject responses that trigger a buffer overflow in the modem. Reported impact includes ability to execute code on affected devices, ...

7.7CVSS7.3AI score0.00167EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.6 views

PT-2025-17903 · Viasat · Eg1000 +4

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS DDNS traffic between DDNS services and the modem, could manipulate specific responses to include...

7.7CVSS6.8AI score0.00167EPSS
Exploits0References8
NVD
NVD
added 2024/11/11 1:15 a.m.37 views

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

8.8CVSS0.02548EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.25 views

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

0.02548EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/11 12:0 a.m.17 views

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

8.6AI score0.02548EPSS
Exploits1References1
CVE
CVE
added 2024/11/11 12:0 a.m.65 views

CVE-2024-41992

The CVE-2024-41992 entry concerns the Wi‑Fi Alliance’s wfa_dut (Wi‑Fi Test Suite) up to version 9.0.0, where OS command injection is possible because the code uses the system() library function. Affected Arcadyan FMIMG51AX000J devices can achieve remote code execution as root (example: wfaTGSendP...

8.8CVSS8.4AI score0.02548EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.439 views

Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Date: 2023-03-31 Exploit Author: sf Vendor Homepage: https://www.zyxel.com/ Software Link: https://www.zyxel.com/ Version: ATP Firmware version 4.60 to 5.35 inclusive, USG FLEX Firmware version 4.60 to 5.35 inclusive, V...

9.8CVSS7.4AI score0.99284EPSS
Exploits8
NVD
NVD
added 2024/04/25 8:15 a.m.22 views

CVE-2024-4173

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav...

9.8CVSS7.5AI score0.00588EPSS
Exploits0References1
OSV
OSV
added 2024/04/25 8:15 a.m.1 views

CVE-2024-4173

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav...

9.8CVSS5.8AI score0.00588EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/25 7:30 a.m.19 views

CVE-2024-4173 SANnav versions exposes Kafka in the wan interface.

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav...

7.6CVSS7.7AI score0.00588EPSS
Exploits0References1
CVE
CVE
added 2024/04/25 7:30 a.m.67 views

CVE-2024-4173

CVE-2024-4173 affects Brocade SANnav. Public docs show that Kafka is exposed on the WAN interface and, in SANnav versions prior to 2.2.0, the Kafka process runs as root with default credentials, enabling unauthenticated access that could lead to DOS among other attacks. The issue is documented by...

9.8CVSS6.8AI score0.00588EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.3 views

Broadcom Brocade SANnav 安全漏洞

Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A security vulnerability exists in Brocade SANnav versions prior to v2.2.0 that stems from exposing Kafka in the WAN interface, which could allow an unauthenticated attacker to perform various attacks...

9.8CVSS6.8AI score0.00588EPSS
Exploits0References2
Broadcom
Broadcom
added 2024/04/25 12:0 a.m.31 views

Brocade SANnav exposes Kafka in the wan interface (CVE-2024-4173)

Brocade SANnav ports used by Kafka are open for the entire wan vs being limited to only the FabricOS switches discovered by the SANnav. Additionally, in Brocade SANnav versions priorto version v2.2.0, the Kafka process is started as a root user using defaultcredentials. The vulnerability could...

7.6CVSS7.5AI score0.00588EPSS
Exploits0
Broadcom
Broadcom
added 2024/04/17 12:0 a.m.33 views

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. (CVE-2024-29964)

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...

5.7CVSS5.4AI score0.0052EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/02/17 4:15 a.m.16 views

CVE-2023-31728

Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface...

7CVSS6.8AI score0.00203EPSS
Exploits0References2
NVD
NVD
added 2023/09/19 2:15 p.m.15 views

CVE-2023-31808

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled...

7.2CVSS7.2AI score0.00503EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/09/19 2:15 p.m.5 views

CVE-2023-31808

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled...

7.2CVSS5.7AI score0.00503EPSS
Exploits0References2
Rows per page
Query Builder