EUVD-2014-9418

Malware in sbrugna...

EUVD-2017-17804

Malware in sbrugna...

CVE-2017-8862

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

Design/Logic Flaw

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

CVE-2017-8862

CVE-2017-8862 concerns the Cohu 3960HD IP camera family. The webupgrade function does not verify firmware upgrade files or processes, enabling an attacker to upload a crafted postinstall.sh that is executed with root privileges. Documented sources (NVD/NVD listing) describe a high-severity impact...

CVE-2017-8862

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

Cohu 3960HD 'webupgrade' function file upload vulnerability

The Cohu 3960HD is an IP zoom camera from Cohu USA that is typically used as a traffic camera. A file upload vulnerability exists in the 'webupgrade' function in the Cohu 3960HD, which stems from the program failing to validate a file or process uploaded by the firmware. An attacker can exploit t...

Netsweeper WebUpgrade Authorization Issues Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper's WebUpgrade that stems from the webupgrade/webupgrade.php script failing to adequately filter the 'login' and 'password ' parameters. A remote attacker can exploit the vulnerabili...

Sql injection

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...

CVE-2014-9605

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...

CVE-2014-9605

CVE-2014-9605 concerns Netsweeper WebUpgrade where insufficient filtering of the login/password inputs (single quote) allows remote attackers to bypass authentication in Netsweeper versions before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2. Successful bypass enables actions such as creati...

CVE-2014-9605

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...