Lucene search
K

33 matches found

CVE
CVE
added 2025/04/23 4:51 p.m.55 views

CVE-2025-2770

CVE-2025-2770 is linked to BEC Technologies Multiple Routers. The vulnerability arises from storing credentials in a recoverable (cleartext) format in the web-based user interface, allowing a remote attacker to disclose stored passwords after authentication. Exploitation details, affected models/...

6.5CVSS4.8AI score0.00387EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/04/08 8:22 a.m.55 views

CVE-2024-41789

Siemens SENTRON 7KT PAC1260 Data Manager (all versions) is affected by an OS command injection vulnerability caused by inadequate sanitization of the language parameter in certain POST requests, enabling an authenticated attacker to execute arbitrary code with root privileges. Multiple sources (N...

9.4CVSS8AI score0.00831EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-4300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web...

5.9CVSS6.4AI score0.01841EPSS
Exploits1References2
NVD
NVD
added 2025/01/05 3:15 a.m.10 views

CVE-2024-13131

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9680. Reason: This candidate is a reservation duplicate of CVE-2019-9680. Notes: All CVE users should reference CVE-2019-9680 instead of this candidate. All references and descriptions in this candidate have been remov...

Exploits0
Cvelist
Cvelist
added 2025/01/05 1:0 a.m.42 views

CVE-2024-13130 Dahua IPC-HFW1200S Web Interface Sha1Account1 path traversal

A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to...

5.3CVSS0.00567EPSS
Exploits0References4
NVD
NVD
added 2024/12/17 8:15 p.m.30 views

CVE-2024-55514

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadsfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions...

6.3CVSS0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 12:0 a.m.13 views

CVE-2024-55514

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadsfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions...

0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/16 12:0 a.m.4 views

CVE-2023-51059

An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface...

8.8AI score0.00862EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.6 views

PT-2023-5715 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation results in a...

7.5CVSS7.5AI score0.00636EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.4 views

PT-2023-36382 · Xerox · Workcentre 3025

Уязвимость веб-интерфейса микропрограммного обеспечения принтеров Xerox WorkCentre 3025 связана с некорректной обработкой специальных символов во входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к учетным данным путем...

10CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2019/06/18 4:15 p.m.5 views

UBUNTU-CVE-2018-18836

An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.5CVSS6.9AI score0.01962EPSS
Exploits1References8
Prion
Prion
added 2018/03/06 9:29 p.m.15 views

Cross site request forgery (csrf)

An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which...

6.4CVSS6.4AI score0.01323EPSS
Exploits0References2
exploitpack
exploitpack
added 2002/07/27 12:0 a.m.12 views

Lucent Access Point 3006001500 IP Services Router - Long HTTP Request Denial of Service

Lucent Access Point 3006001500 IP Services Router - Long HTTP Request Denial of Service source: https://www.securityfocus.com/bid/5333/info The Lucent Access Point series of routers support a web based administrative interface. An error has been reported in the embedded HTTP server. It has been...

0.3AI score
Exploits0
Rows per page
Query Builder