Lucene search
K

1453 matches found

Prion
Prion
added 2023/10/30 6:15 p.m.18 views

Default configuration

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS8.2AI score0.001EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/30 5:1 p.m.15 views

CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4AI score0.001EPSS
Exploits0References1
CVE
CVE
added 2023/10/30 5:1 p.m.60 views

CVE-2023-21397

CVE-2023-21397 is documented in Android 14 Framework as an elevation of privilege (EoP) vulnerability. The issue originates from the Setup Wizard where an insecure default value permits saving a Wi‑Fi network, enabling local privilege escalation with no additional execution privileges and no user...

7.8CVSS7.8AI score0.001EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/30 5:1 p.m.23 views

CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.5AI score0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.5 views

PT-2023-18172 · Unknown · Setupwizard

Name of the Vulnerable Software and Affected Versions: Setup Wizard affected versions not specified Description: The issue is related to an insecure default value in the Setup Wizard, which could allow saving a WiFi network. This could lead to local escalation of privilege with no additional...

7.8CVSS6.8AI score0.001EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/28 12:0 a.m.5 views

PT-2023-9693 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: The issue is related to incorrect access control, allowing attackers to reset critical passwords without authentication by visiting specific pages, such as /wizard.html or...

7.8CVSS7.7AI score0.00537EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.3 views

D-Link DIR-619 缓冲区错误漏洞

The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the formSetWANWizard7 method. No detailed vulnerability details are provided at this time...

7.5CVSS7.3AI score0.00826EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.3 views

D-Link DIR-619 缓冲区错误漏洞

The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the formSetWANWizard55 method. No detailed vulnerability details are provided at this time...

7.5CVSS7.3AI score0.00826EPSS
Exploits1References3
NVD
NVD
added 2023/09/19 4:15 p.m.19 views

CVE-2023-38352

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.1CVSS8.4AI score0.0063EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/09/19 4:15 p.m.4 views

CVE-2023-38352

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.1CVSS7.9AI score0.0063EPSS
Exploits0References2
OSV
OSV
added 2023/09/19 4:15 p.m.3 views

CVE-2023-38352

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.1CVSS6.3AI score0.0063EPSS
Exploits0References1
OSV
OSV
added 2023/09/19 4:15 p.m.2 views

CVE-2023-38351

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.1CVSS6.3AI score0.0063EPSS
Exploits0References1
NVD
NVD
added 2023/09/19 4:15 p.m.21 views

CVE-2023-38351

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.1CVSS8.4AI score0.0063EPSS
Exploits0References1
Prion
Prion
added 2023/09/19 4:15 p.m.20 views

Remote code execution

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

5.1CVSS8.3AI score0.0063EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/19 4:15 p.m.20 views

Remote code execution

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

5.1CVSS8.3AI score0.0063EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/09/19 12:0 a.m.5 views

MiniTool Partition Wizard Trust Management Issue Vulnerability

MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...

8.1CVSS7.9AI score0.0063EPSS
Exploits0References2
CVE
CVE
added 2023/09/19 12:0 a.m.47 views

CVE-2023-38352

CVE-2023-38352 affects MiniTool Partition Wizard 12.8. The issue is an insecure update mechanism that allows remote code execution via a man-in-the-middle attack. Root cause is lack of proper update integrity/authentication during updates, enabling an attacker on the network to tamper update deli...

8.1CVSS8.3AI score0.0063EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/19 12:0 a.m.19 views

CVE-2023-38351

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

8.6AI score0.0063EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/19 12:0 a.m.3 views

MiniTool Partition Wizard Trust Management Issue Vulnerability

MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...

8.1CVSS7.9AI score0.0063EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/19 12:0 a.m.18 views

CVE-2023-38352

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

7.8AI score0.0063EPSS
Exploits0References1
Rows per page
Query Builder