22 matches found
EUVD-2017-17192
Malware in sbrugna...
EUVD-2016-10360
Malware in sbrugna...
EUVD-2016-10359
Malware in sbrugna...
CVE-2021-35336
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an unauthenticated user to access a sensitive part of the system with a high privileged account...
Tieline IP Audio Gateway 访问控制错误漏洞
IP Audio Gateway is an audio codec from Tieline. An access control error vulnerability exists in Tieline IP Audio Gateway, which stems from a vulnerability in the Tieline Web Administrative Interface that could allow an unauthenticated user with a highly privileged account to access sensitive par...
CVE-2020-35338
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal WMT Playout Server 20.2.8 and earlier has a default account with a password of "pokon."...
CVE-2020-35338
CVE-2020-35338 affects Wireless Multiplex Terminal Playout Server
Cross site request forgery (csrf)
Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface...
CVE-2018-7060
CVE-2018-7060 concerns Aruba ClearPass CSRF on authenticated users. Connected sources (NVD/CNVD) confirm: affected products are Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1. The vulnerability enables CSRF attacks that could cause an authenticated user to perform actions on the we...
Command injection
The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...
Dell SonicWall Secure Remote Access Multiple Command Injection Vulnerabilities
The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...
CVE-2016-9682
The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...
CVE-2016-9683
The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...
CVE-2016-9684
Dell SonicWALL Secure Remote Access (SRA) server, version 8.1.0.2-14sv, is vulnerable to a remote command injection in the web admin CGI at /cgi-bin/viewcert. The CGI does not properly escape the CERT input before a system() call, enabling an attacker to execute arbitrary shell commands and gain ...
ipa security update
CentOS Errata and Security Advisory CESA-2015:0442 Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerabilit...
FortiGate Firewall 2.x Policy Admin Interface XSS
No description provided by source. source: http://www.securityfocus.com/bid/9033/info Multiple cross-site scripting vulnerabilities have been reported in the FortiGate Firewall web administrative interface. These issues could be exploited by enticing an administrative user to follow a malicious...
FortiGate Firewall 2.x selector Admin Interface XSS
No description provided by source. source: http://www.securityfocus.com/bid/9033/info Multiple cross-site scripting vulnerabilities have been reported in the FortiGate Firewall web administrative interface. These issues could be exploited by enticing an administrative user to follow a malicious...
CVE-2006-3907
Siemens SpeedStream 2624 allows remote attackers to cause a denial of service device hang by sending a crafted packet to the web administrative interface...
networkEverywhere.txt
NetworkEverywhere router Model NR041 latest firmware rev 1.2 Release 03 suffers a "script injection over dhcp" vulnerability. The NR041 does not filter DHCP HOSTNAME options coming from its clients. Because of that, we can inject a web script into the web based administrative interface and wait...
Fortigate Firewall 2.x - listdel Admin Interface Cross-Site Scripting
Fortigate Firewall 2.x - listdel Admin Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/9033/info Multiple cross-site scripting vulnerabilities have been reported in the FortiGate Firewall web administrative interface. These issues could be exploited by enticing an...