12 matches found
CVE-2026-7840
UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wisenderr and wireplyhdr in repeater/webgui/webutils.c write the caller-supplied HTTP request URI into a fixed 1000-byte global buffer hdrbuf via unchecked sprintf calls...
PT-2026-54490
Name of the Vulnerable Software and Affected Versions UltraVNC repeater versions prior to 1.8.2.3 Description The embedded HTTP administration server contains a global buffer overflow. The functions wi senderr and wi replyhdr in repeater/webgui/webutils.c write the HTTP request URI into a fixed...
CVE-2024-40117
Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...
CVE-2024-40117
Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...
CVE-2024-40117
Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...
CVE-2024-40117
Solar-Log 1000 is affected by an improper access control vulnerability that, in versions prior to v2.8.2 and build 52- 23.04.2013, can allow an attacker to obtain administrative privileges by connecting to the web administration server. The affected line items in public sources indicate no impact...
PT-2024-28787 · Sl Base +1 · Sl Base +6
Name of the Vulnerable Software and Affected Versions: Solar-Log 1000 versions prior to v2.8.2 and build 52- 23.04.2013 Solar-Log 250, 300, 1200, 2000, SL 50 Gateway versions prior to 4.2.8 SL Base versions prior to 5.1.2 and 6.0.0 Description: The issue is related to incorrect access control,...
CVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...
Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability
Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
IEA multiple network applications DoS
Integrated web administration server multiple security vulnerabilities...
Oracle Web Administration Server Detection
We detected the remote web server as an Oracle Administration web server. This web server enables attackers to configure your Oracle Database server if they gain access to a valid authentication username and password. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpt...
CVE-2001-1223
The CVE-2001-1223 entry concerns the web administration server of ELSA Lancom 1100 Office. The vulnerability is that the web admin interface does not require authentication, allowing arbitrary remote attackers to gain administrative privileges by connecting to the server (network exposure). The a...