62 matches found

Japan Vulnerability Notes
added 2023/06/27 12:0 a.m. | 53 views

JVN#78634340: Multiple vulnerabilities in WAVLINK WL-WN531AX2

WL-WN531AX2 provided by WAVLINK contains multiple vulnerabilities listed below.

Client-side enforcement of server-side security (CWE-602) - CVE-2023-32612

Version | Vector | Score
---|---|---
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 6.8
CVSS v2 | AV:A/AC:L/Au:S/C:C/I:C/A:C | ...

CVSS 8.1 | AI score 7.6 | EPSS 0.00734
Exploits: 0

OSV
added 2023/06/13 7:15 p.m. | 3 views

CVE-2023-34114

Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access...

CVSS 6.5 | AI score 6.6 | EPSS 0.00983
Exploits: 0 | References: 1

CVE
added 2023/05/22 1:58 p.m. | 62 views

CVE-2023-31206

CVE-2023-31206 describes an Exposure of Resource to Wrong Sphere vulnerability affecting Apache InLong versions 1.4.0–1.6.0. The flaw allows an attacker to change the immutable name and type of InLong nodes due to exposure to the wrong sphere. Remediation across sources is to upgrade to InLong 1....

CVSS 7.5 | AI score 7.4 | EPSS 0.01247
Exploits: 0 | References: 1 | Affected Software: 1

Snyk
added 2023/04/27 8:21 a.m. | 1 view

Exposure of Resource to Wrong Sphere

Amendment: This was deemed not a vulnerability. Overview: Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere by loading a binary from an insecure hardcoded S3 bucket URL, which was demonstrated by an ethical hacker to be susceptible to takeover by malicious...

CVSS 9.8 | AI score 7.9 | EPSS 0.01535
Exploits: 1 | References: 2

Prion
added 2023/04/18 5:15 p.m. | 15 views

Remote code execution

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert V15.1 and above...

CVSS 6.8 | AI score 8.8 | EPSS 0.00845
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2023/04/18 4:39 p.m. | 20 views

CVE-2023-27976

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert V15.1 and above...

CVSS 8.8 | AI score 9 | EPSS 0.00845
Exploits: 0 | References: 1

Vulnrichment
added 2023/03/23 11:15 a.m. | 4 views

CVE-2022-4224 CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3

In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device...

CVSS 8.8 | AI score 7.3 | EPSS 0.00883
Exploits: 0 | References: 1

SUSE CVE
added 2023/02/15 3:28 a.m. | 4 views

SUSE CVE-2022-21947

An Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API steve to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V...

CVSS 8.8 | AI score 8.4 | EPSS 0.00587
Exploits: 0 | References: 4

OSV
added 2023/01/30 11:15 p.m. | 3 views

CVE-2022-22732

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources data supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...

CVSS 7.5 | AI score 5.7 | EPSS 0.00268
Exploits: 0 | References: 1

Prion
added 2023/01/30 11:15 p.m. | 14 views

Design/Logic Flaw

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources data supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...

CVSS 5 | AI score 7.4 | EPSS 0.00268
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2022/10/10 2:15 p.m. | 44 views

CVE-2022-26121

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...

CVSS 5.3 | EPSS 0.00728
Exploits: 0 | References: 1

ATTACKERKB
added 2022/06/24 1:15 p.m. | 4 views

CVE-2022-32530

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

CVSS 7.8 | AI score 7 | EPSS 0.00408
Exploits: 0 | References: 2

OSV
added 2022/06/24 1:15 p.m. | 3 views

CVE-2022-32530

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

CVSS 7.8 | AI score 5.7
Exploits: 0 | References: 1

Cvelist
added 2022/06/24 1:0 p.m. | 11 views

CVE-2022-32530

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

CVSS 4.8 | AI score 7.7 | EPSS 0.00408
Exploits: 0 | References: 1

CVE
added 2022/06/24 1:0 p.m. | 60 views

CVE-2022-32530

CVE-2022-32530 affects Schneider Electric’s Geo SCADA Mobile (Build 222 and prior). The vulnerability is described as CWE-668: Exposure of Resource to Wrong Sphere, which could mislead users by hiding alarms or presenting incorrect server connection options or control requests when a mobile devic...

CVSS 7.8 | AI score 7.5 | EPSS 0.00408
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2022/04/15 12:0 a.m. | 22 views

GHSA-X446-3XHQ-5XFP Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVSS 3.3 | AI score 4 | EPSS 0.00446
Exploits: 1 | References: 5

GitLab Advisory Database
added 2022/04/15 12:0 a.m. | 2 views

Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon

SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality...

CVSS 4.4 | AI score 5.9 | EPSS 0.00444
Exploits: 1 | References: 5 | Affected Software: 1

GitLab Advisory Database
added 2022/04/15 12:0 a.m. | 3 views

Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVSS 3.3 | AI score 6 | EPSS 0.00446
Exploits: 1 | References: 6 | Affected Software: 1

CVE
added 2022/04/01 6:40 a.m. | 123 views

CVE-2022-21947

The CVE-2022-21947 entry concerns SUSE Rancher Desktop (Rancher Desktop) with an exposure of the Dashboard API (steve) to the local network. Affected: Rancher Desktop versions prior to V. Root cause: Exposure of Resource to Wrong Sphere vulnerability allows a local-network attacker to connect to ...

CVSS 8.8 | AI score 8.4 | EPSS 0.00587
Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2022/03/25 12:0 a.m. | 7 views

CVE-2022-21947

An Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API steve to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V...

CVSS 8.8 | AI score 7.4 | EPSS 0.00587
Exploits: 0 | References: 2