EUVD-2022-31384

Malicious code in bioql PyPI...

CVE-2024-47044

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device...

CVE-2024-47044

Summary (CVE-2024-47044) : Several NTT East Home GateWay/Hikari Denwa routers fail to restrict access permissions (CWE-451), allowing an attacker who knows a WAN-side IPv6 address to reach the device’s Settings page via WAN-side. Affected models include RT-400MI, PR-400MI, RV-440MI, PR-500MI, RS-...

CVE-2024-47044

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device...

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

CVE-2024-47045

The CVE-2024-47045 issue affects the installer for the e-Tax software (common program). The vulnerability allows a malicious DLL uploaded or introduced by an attacker to run with higher privileges than the application, due to privilege escalation in the install process (root cause described as a ...

CVE-2022-33948

HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product...

CVE-2022-26834

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default...

Improper access control

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default...

Improper access control

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connect...

CVE-2022-28704

Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connect...

CVE-2022-26834

CVE-2022-26834 concerns Rakuten Casa when running AP_F_V1_4_1 or AP_F_V2_0_0, where improper access control allows a remote attacker to view stored information because the device accepts HTTP connections from the WAN side by default. The NVD entry notes a network-exposed condition with a base CVS...

BigPond 3G21WB Multiple Vulnerabilities

No description provided by source. Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21...