2224 matches found
Robustel R1510 clish art2 command execution vulnerability
Summary A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions Robustel R1510 3.3.0...
Robustel R1510 web_server action endpoints OS command injection vulnerabilities
Summary Multiple command injection vulnerabilities exist in the webserver action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. Tested...
Robustel R1510 web_server /action/remove/ API data removal vulnerability
Summary A data removal vulnerability exists in the webserver /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions Robustel R151...
Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1440 Anker Eufy Homebase 2 mipscollector appsrvserver use-after-free vulnerability June 15, 2022 CVE Number CVE-2022-21806 SUMMARY A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A...
Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability
Summary An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this...
Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability
Summary A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. Tested Versions Blynk -Libra...
Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability
Summary An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger th...
Open Automation Software OAS Platform REST API unauthenticated vulnerability
Summary An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...
Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability
Summary An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of...
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
Summary A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can...
Open Automation Software Platform Engine SecureTransferFiles file write vulnerability
Summary A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...
Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability
Summary A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...
Open Automation Software Platform Engine SecureAddUser External config control vulnerability
Summary An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests t...
Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability
Summary An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger...
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability
Summary A memory corruption vulnerability exists in the shader DCLINDEXRANGE functionality of NVIDIA D3D10 Driver version 496.76, 30.0.14.9676. A specially-crafted executable/shader file can lead to memory corruption. This vulnerability potentially could be triggered from guest machines running...
NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability
Summary A memory corruption vulnerability exists in the shader DCLRESOURCESTRUCTURED functionality of NVIDIA D3D10 Driver, version 496.76, 30.0.14.9676. A specially-crafted executable/shader file can lead to an out-of-bounds write. This vulnerability potentially could be triggered from guest...
NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability
Summary A memory corruption vulnerability exists in the shader DCLUNORDEREDACCESSVIEWSTRUCTURED functionality of NVIDIA D3D10 Driver version 496.76, 30.0.14.9676. A specially-crafted executable / shader file can lead to memory corruption. This vulnerability potentially could be triggered from gue...
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability
Summary A memory corruption vulnerability exists in the shader dclindexable functionality of NVIDIA D3D10 Driver version 496.76, 30.0.14.9676. A specially-crafted executable / shader file can lead to memory corruption. This vulnerability potentially could be triggered from guest machines running...
InHand Networks InRouter302 console factory OS command injection vulnerability
Summary An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand...
InHand Networks InRouter302 router configuration export information disclosure vulnerability
Summary An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions...
InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability
Summary A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. Tested...
InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability
Summary An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested...
InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability
Summary A cross-site scripting xss vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions InHand...
InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities
Summary Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested...
InHand Networks InRouter302 console infactory_wlan command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactorywlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Test...
InHand Networks InRouter302 console inhand command execution vulnerability
Summary A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHan...
InHand Networks InRouter302 iburn firmware checks firmware update vulnerability
Summary A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand Network...
InHand Networks InRouter302 router configuration import privilege escalation vulnerability
Summary A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions InHand...
InHand Networks InRouter302 web interface session cookie information disclosure vulnerability
Summary An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal t...
InHand Networks InRouter302 httpd upload.cgi file write vulnerability
Summary A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. Tested Versions InHand Networks...
InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability
Summary A buffer overflow vulnerability exists in the httpd parsepingresult API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand Networ...
InHand Networks InRouter302 console infactory_port OS command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactoryport functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Test...
InHand Networks InRouter302 daretools binary OS command injection vulnerability
Summary An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions...
InHand Networks InRouter302 console infactory hard-coded password vulnerability
Summary A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested...
ESTsoft Alyac PE section headers out of bounds read
Talos Vulnerability Report TALOS-2022-1452 ESTsoft Alyac PE section headers out of bounds read May 10, 2022 CVE Number CVE-2022-21147 SUMMARY An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this...
InHand Networks InRouter302 console infactory_net command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactorynet functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Teste...
WPS Office HtmTableAlt use-after-free vulnerability
Summary An exploitable use-after-free vulnerability exists in WPS Spreadsheets ET as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to...
Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1480 Anker Eufy Homebase 2 libxmav.so DemuxCmdInBuffer buffer overflow vulnerability May 5, 2022 CVE Number CVE-2022-26073 SUMMARY A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A...
Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1479 Anker Eufy Homebase 2 libxmav.so getpeermac authentication bypass vulnerability May 5, 2022 CVE Number CVE-2022-25989 SUMMARY An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A...
Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability
Summary A memory corruption vulnerability exists in the iocamysrgballocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10...
Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability
Summary A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information...
ArduPilot APWeb cgi.c unescape memory corruption vulnerability
Summary A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46177cb9. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Tested...
Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability
Summary An out-of-bounds write vulnerability exists in the parserasterdata functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10...
Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...
Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability
Summary An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Webroot Secure Anywhere 21.4 Produ...
Leadtools fltSaveCMP integer overflow vulnerability
Summary An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability. Tested Versions...
Lansweeper WebUserActions.aspx Stored XSS vulnerability
Summary A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability. Tested...
Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability
Summary An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions Lansweeper lansweeper...
Swift Sensors Gateway device password generation authentication bypass vulnerability
Summary An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Version...
Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability
Summary An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions Lansweeper lansweeper...