17 matches found
Karel IP Phone IP1211 Web Management Panel - Local File Inclusion
Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the fact that the web management panel is widely bound to the public IPv6 address space at port :::8080, with no default firewa...
EUVD-2007-5008
Malware in sbrugna...
EUVD-2025-18777
Malicious code in bioql PyPI...
AxxonSoft AxxonOne 安全漏洞
AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne versions prior to 2.0.3, which stems from insufficient expiration of the Web Management Panel session, which may result in privilege retention...
CVE-2025-34023
A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...
CVE-2025-34023
A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...
CVE-2025-34023 Karel IP Phone IP1211 Path Traversal
A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...
CVE-2025-34023
CVE-2025-34023 affects the Karel IP1211 IP Phone, specifically the web management panel. The vulnerability is a path traversal in the "/cgi-bin/cgiServer.exx" endpoint where the page parameter is not sanitized, allowing remote authenticated attackers to access arbitrary files on the device. Explo...
CVE-2025-34023 Karel IP Phone IP1211 Path Traversal
A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...
NETGEAR JGS516PE/GS116Ev2 Integer Overflow Vulnerability
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. An integer overflow vulnerability exists in the Web Management Panel of the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. An attacker could exploit this vulnerability to cause a denial of service...
Netgear NETGEAR JGS516PE 输入验证错误漏洞
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. An integer overflow vulnerability exists in the Web Management Panel of the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. An attacker could exploit this vulnerability to cause a denial of service...
Karel IP Phone IP1211 Web Management Panel Directory Traversal
Exploit Title: Karel IP Phone IP1211 Web Management Panel - Directory Traversal Exploit Author: Berat Gokberk ISLER Date: 2020-09-01 CVE: N/A Type: Webapps Vendor Homepage: https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon Version: IP1211 Details Directory traversal vulnerability on the Karel...
LevelOne WBR3404TX Broadband Router RC Parameter Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25738/info The LevelOne WBR3404TX Broadband Router is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input. These issues occurs in the web manageme...
CVE-2007-5027
CVE-2007-5027 involves multiple XSS vulnerabilities in the web management panel (cgi-bin/ddns) of the WBR3404TX broadband router with firmware R1.94p0vTIG. The flaws allow remote attackers to inject arbitrary JavaScript/HTML via the DD or DU parameters. The provided documents confirm the affected...
WBR3404TX Broadband Router XSS
I.Overview Current firmware version is R1.94p0vTIG the latest. WBR3404TX Broadband Router Web Management II.Description http://routeraddress/cgi-bin/ddns?RC=40&DG0=x&DP=D&DD=223E3Cscript3Ealert'xss20detected!';3C/script3E3Ctext20id=22&DU=&DW=...
LevelOne WBR3404TX Broadband Router - RC Cross-Site Scripting
LevelOne WBR3404TX Broadband Router - RC Cross-Site Scripting source: https://www.securityfocus.com/bid/25738/info The LevelOne WBR3404TX Broadband Router is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input. These issue...