Lucene search
K

47 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:3 a.m.7 views

CVE-2024-28025

Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS8AI score0.07504EPSS
Exploits1References1
NVD
NVD
added 2025/01/27 5:15 p.m.24 views

CVE-2024-48419

Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access t...

8.8CVSS0.05255EPSS
Exploits1References1
EUVD
EUVD
added 2024/08/07 4:46 p.m.4 views

EUVD-2024-18165

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...

9.8CVSS8AI score0.07225EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.6 views

The vulnerability of the newcli.php web interface of the Ruijie EG-2000SE software firewall allows a perpetrator to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the newcli.php web interface of the Ruijie EG-2000SE software gateway lies in the lack of measures taken to neutralize the special elements used in commands. Exploiting this vulnerability can allow an attacker, operating remotely, to enhance their privileges and gain...

6.5CVSS5.5AI score0.00822EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/09/20 12:0 a.m.12 views

PT-2023-27962 · Frauscher Sensortechnik Gmbh · Fds101

Name of the Vulnerable Software and Affected Versions: Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi versions 1.4.24 and all previous versions Description: The issue allows a remote attacker to read all files on the filesystem of the FDS101 device by exploiting a path traversal vulnerability...

7.5CVSS7.4AI score0.00742EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/15 12:0 a.m.4 views

PT-2023-28742 · Broadcom · Broadcom Raid Controller

Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to its usage of Libcurl with known vulnerabilities in LSA. Recommendations: At the moment, there is no...

9.8CVSS9.4AI score0.00588EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2023/04/05 11:0 p.m.3 views

CVE-2023-20134

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details section of this adviso...

6.5CVSS6.7AI score0.00452EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.1 views

CVE-2023-20131 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

6.5CVSS5.2AI score0.00573EPSS
Exploits0References1
NCSC
NCSC
added 2023/03/16 12:0 a.m.5 views

Vulnerabilities fixed in Aruba Clearpass Policy Manager

Aruba Networks has fixed vulnerabilities in Clearpass Policy Manager. The vulnerabilities are located in the web-based management interface of CPPM and allow a malicious person to access gain access to sensitive data, execute arbitrary code on the underlying system or, through a chain of actions,...

9.8CVSS7.2AI score0.00961EPSS
Exploits0
OSV
OSV
added 2022/11/15 9:15 p.m.4 views

CVE-2022-20936

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

4.8CVSS6AI score0.00446EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/06 4:0 p.m.7 views

CVE-2022-20812

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...

9CVSS6.9AI score0.01795EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/02 12:0 a.m.3 views

PT-2022-1785 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management interfaces of the affected devices...

9CVSS7.4AI score0.03177EPSS
Exploits0References11
Prion
Prion
added 2022/01/14 5:15 a.m.17 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

4.3CVSS6.2AI score0.00759EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/03 12:0 a.m.5 views

PT-2021-4959 · Cisco · Cisco Catalyst Pon Series Switches Ont

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface of the Cisco Catalyst...

10CVSS7.9AI score0.01386EPSS
Exploits0References4
OSV
OSV
added 2021/06/16 6:15 p.m.4 views

CVE-2021-1542

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...

8.1CVSS7.2AI score0.01387EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.2 views

CVE-2021-1250

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow a remote attacker with network-operator privileges to conduct a cross-site scripting XSS attack or a reflected file download RFD attack against a user of the interface. For more...

5.4CVSS6.1AI score0.00614EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.4 views

CVE-2021-1186

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02753EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.5 views

CVE-2021-1161

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 10:15 p.m.5 views

CVE-2021-1171

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score0.02194EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.279 views

Pulse Connect Secure Multiple Vulnerabilities (SA44101)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is affected by multiple vulnerabilities. - An arbitrary file read vulnerability exists in PCS. An unauthenticated, remote attacker can exploit this, via specially crafted URI, to read arbitrary...

10CVSS7AI score0.99999EPSS
Exploits40References16
Rows per page
Query Builder