13 matches found
EUVD-2014-9418
Malware in sbrugna...
EUVD-2017-17804
Malware in sbrugna...
The vulnerability of the webupgrade function in the microprogrammed IP camera software of Cohu 3960HD allows a intruder to execute code with root privileges.
The vulnerability of the webupgrade function in the microprogrammed IP camera system Cohu 3960HD relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges by loading a specially crafted archive...
CVE-2017-8862
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...
Design/Logic Flaw
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...
CVE-2017-8862
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...
CVE-2017-8862
CVE-2017-8862 concerns the Cohu 3960HD IP camera family. The webupgrade function does not verify firmware upgrade files or processes, enabling an attacker to upload a crafted postinstall.sh that is executed with root privileges. Documented sources (NVD/NVD listing) describe a high-severity impact...
Cohu 3960HD 'webupgrade' function file upload vulnerability
The Cohu 3960HD is an IP zoom camera from Cohu USA that is typically used as a traffic camera. A file upload vulnerability exists in the 'webupgrade' function in the Cohu 3960HD, which stems from the program failing to validate a file or process uploaded by the firmware. An attacker can exploit t...
Netsweeper WebUpgrade Authorization Issues Vulnerability
Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper's WebUpgrade that stems from the webupgrade/webupgrade.php script failing to adequately filter the 'login' and 'password ' parameters. A remote attacker can exploit the vulnerabili...
Sql injection
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
CVE-2014-9605
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
CVE-2014-9605
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
CVE-2014-9605
CVE-2014-9605 concerns Netsweeper WebUpgrade where insufficient filtering of the login/password inputs (single quote) allows remote attackers to bypass authentication in Netsweeper versions before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2. Successful bypass enables actions such as creati...