3068 matches found
CVE-2019-3411
All versions up to BDR218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components...
CVE-2019-6814
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI...
Authentication flaw
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI...
CVE-2019-6814
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI...
CVE-2019-6814
CVE-2019-6814 affects Schneider Electric Pelco Endura NET55XX Encoder families with firmware versions prior to 2.1.9.7, due to CWE-287 Improper Authentication. A remote attacker could craft a malicious request to the encoder webUI, leading to an authentication bypass impacting confidentiality, in...
Schneider Electric NET55XX Encoder Access Control Error Vulnerability
The Schneider Electric NET55XX Encoder is a video encoder from Schneider Electric France. An access control error vulnerability exists in the Schneider Electric NET55XX Encoder using firmware versions prior to 2.1.9.7. When a remote attacker sends a malicious request to the encoder webUI,...
CVE-2019-11816
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request...
Design/Logic Flaw
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request...
CVE-2019-11816
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request...
CVE-2019-11816
CVE-2019-11816 affects the WebUI of OPNsense prior to 19.1.8 and pfSense prior to 2.4.4-p3. The root cause is incorrect access control, allowing remote authenticated users to escalate privileges to administrator via a specially crafted request. Affected products: OPNsense (WebUI) and pfSense (Web...
CVE-2019-11816
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request...
CVE-2018-13993
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF...
Design/Logic Flaw
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections...
CVE-2018-13991
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images...
CVE-2018-13993
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF...
Information disclosure
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images...
Cross site request forgery (csrf)
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF...
CVE-2018-13994
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections...
CVE-2018-13994
PHOENIX CONTACT FL SWITCH 3xxx, 4xxx and 48xx devices running firmware versions 1.0–1.34 are affected by CVE-2018-13994, a Denial-of-Service via the Web UI caused by resource exhaustion from more than 120 concurrent connections. Affected product family and version range are explicitly stated; mit...
CVE-2018-13994
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections...