15 matches found
EUVD-2017-7965
Malware in sbrugna...
CVE-2023-35835
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication such as an encryption key and persists permanently, including after enrollment and setup is complete. The WiF...
Meinberg Multiple Vulnerabilities in LANTIME Products (CVE-2017-16787)
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Meinberg Multiple Vulnerabilities in LANTIME Products (CVE-2017-16786)
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via 1 the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or 2 vectors involving curl support of the file schema in the...
Meinberg LANTIME Web Configuration Utility Arbitrary File Read Vulnerability
Meinberg LANTIME is an NTP time server from Meinberg, Germany.Web Configuration Utility is one of the web configuration utilities. A security vulnerability exists in the Web Configuration Utility on Meinberg LANTIME with firmware prior to version 6.24.004. A remote attacker can exploit the...
CVE-2017-16786
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via 1 the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or 2 vectors involving curl support of the "file" schema in the...
Meinberg LANTIME Web Arbitrary File Read Vulnerability
Meinberg LANTIME is an NTP time server from Meinberg, Germany.Web Configuration Utility is one of the web configuration utilities. A security vulnerability exists in the Web Configuration Utility in Meinberg LANTIME with firmware prior to version 6.24.004. A remote attacker can exploit the...
CVE-2017-16788
CVE-2017-16788 affects Meinberg LANTIME Web Configuration Utility on LTOS6 devices with firmware before 6.24.004. The vulnerability is a directory traversal in the Upload Groupkey functionality that allows remote-authenticated Admin-User actors to write to arbitrary files and potentially gain roo...
CVE-2017-16787
The CVE-2017-16787 issue affects Meinberg LANTIME Web Configuration Utility on LTOS6 devices with firmware earlier than 6.24.004. The root cause is a failure to restrict URL access, allowing remote attackers to read arbitrary files by accessing the web config CGI (e.g., mainv2) and using paramete...
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass
Title: Meinberg LANTIME Web Configuration Utility - Failure to Restrict URL Access Author: Jakub Palaczynski CVE: CVE-2017-16787 Exploit tested on: ================== Meinberg LANTIME Web Configuration Utility 6.16.008 Vulnerability affects: ====================== All LTOS6 firmware releases befo...
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Upload
Title: Meinberg LANTIME Web Configuration Utility - Arbitrary File Upload Path Traversal Author: Jakub Palaczynski CVE: CVE-2017-16788 Exploit was tested on: ====================== Meinberg LANTIME Web Configuration Utility 6.16.008 Vulnerability affects: ====================== All LTOS6 firmware...
FlexWATCH.txt
------------------ u0xa ------------------------ Author: SLAIZER mail: slaizeratphreaker.net Date: Sun/Oct/26/2003 -------"Another way of seeing the things"-------- ------------------------------------------------- Unauthorized access Vulnerability in FlexWATCH camera Server...
CVE-2002-0250
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the webaccess.html file, which allows the user to change the switch's configuration and modify the...
openlink.3.2.txt
Overview: A serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run inherited from the request broker, oplrqb. The hole is a run-of-the-mi...
OpenLink Software OpenLink 3.2 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/720/info Both the Unix and WindowsNT versions of OpenLink 3.2 are vulnerable to a remotely exploitable buffer overflow attack. The problem is in their web configuration utility, and is the result of an unchecked strcpy call. The consequence is the...