1453 matches found
Default configuration
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21397
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21397
CVE-2023-21397 is documented in Android 14 Framework as an elevation of privilege (EoP) vulnerability. The issue originates from the Setup Wizard where an insecure default value permits saving a Wi‑Fi network, enabling local privilege escalation with no additional execution privileges and no user...
CVE-2023-21397
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18172 · Unknown · Setupwizard
Name of the Vulnerable Software and Affected Versions: Setup Wizard affected versions not specified Description: The issue is related to an insecure default value in the Setup Wizard, which could allow saving a WiFi network. This could lead to local escalation of privilege with no additional...
PT-2023-9693 · Totolink · Totolink A3300R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: The issue is related to incorrect access control, allowing attackers to reset critical passwords without authentication by visiting specific pages, such as /wizard.html or...
D-Link DIR-619 缓冲区错误漏洞
The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the formSetWANWizard7 method. No detailed vulnerability details are provided at this time...
D-Link DIR-619 缓冲区错误漏洞
The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the formSetWANWizard55 method. No detailed vulnerability details are provided at this time...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
Remote code execution
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
Remote code execution
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
MiniTool Partition Wizard Trust Management Issue Vulnerability
MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...
CVE-2023-38352
CVE-2023-38352 affects MiniTool Partition Wizard 12.8. The issue is an insecure update mechanism that allows remote code execution via a man-in-the-middle attack. Root cause is lack of proper update integrity/authentication during updates, enabling an attacker on the network to tamper update deli...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
MiniTool Partition Wizard Trust Management Issue Vulnerability
MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...