3068 matches found
CVE-2019-6696
CVE-2019-6696 is a FortiOS URL-redirect vulnerability caused by improper input validation on the admin webUI password-change page. Connected sources confirm it affects FortiOS 5.x (>=5.4.0), 6.x (prior to 6.0.9), and 6.2.x (prior to 6.2.2). The issue allows an attacker to perform an URL redire...
Cisco IOS WebUI Command Injection (CVE-2019-12651)
A command injection vulnerability exists in Cisco IOS XE WebUI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco IOS XE WebUI Privileged Command Injection (CVE-2019-12650)
A command injection exists in the WebUI component of Cisco IOS XE. The vulnerability is due to insufficient input validation on form content submitted by a user via the WebUI.A remote, authenticated attacker with administrative access can exploit this vulnerability by sending a crafted HTTP reque...
Protect
An improper input validation vulnerability in FortiOS admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage...
Unraid OS WebUI Missing Authentication
The script checks if the Web UI of Unraid OS is accessible without authentication. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
FortiManager Privilege Management Vulnerability
Fortinet FortiManager VM is a centralized network security management platform for virtual machines. FortiManager versions 5.2.1 and earlier, 5.0.10 and earlier, have a privilege management vulnerability in the WebUI FTP backup page implementation that can be exploited by an attacker to compromis...
CVE-2015-3613
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page...
Design/Logic Flaw
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page...
CVE-2015-3613
FortiManager VM and FortiManager appliances with versions 5.2.1 and earlier, and 5.0.10 and earlier, expose a privilege management vulnerability in the WebUI FTP backup page. The issue, confirmed by multiple sources, can be exploited to compromise confidentiality, integrity, and availability of t...
CVE-2019-12629
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...
Input validation
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...
CVE-2019-12629 Cisco SD-WAN vManage Command Injection Vulnerability
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...
CVE-2019-12629 Cisco SD-WAN vManage Command Injection Vulnerability
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...
CVE-2019-12629
The CVE-2019-12629 issue pertains to Cisco SD-WAN vManage WebUI. Affected component: WebUI of Cisco SD-WAN Solution; root cause: insufficient input validation of data parameters in login-related fields. Exploitation: an authenticated remote attacker can configure a malicious username on the login...
CVE-2019-15712
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for...
CVE-2019-15707
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
Improper access control
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
Improper access control
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for...
CVE-2019-15707
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...
CVE-2019-15707
CVE-2019-15707 concerns FortiMail admin webUI vulnerabilities: improper access control in FortiMail versions 6.2.0, 6.0.0–6.0.6, and 5.4.10 and earlier, enabling administrators to download system backup configurations they should not be authorized to access. Public references include Fortinet FG-...