Lucene search

16763 matches found

Zero Day Initiative • added 2024/07/18 12:0 a.m. • 6 views

SolarWinds Access Rights Manager ExpandZipFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ExpandZipFile method. The issue results from the lack of proper...

CVSS: 10, AI score: 7.3, EPSS: 0.02928
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/16 12:0 a.m. • 13 views

Parse Server literalizeRegexPart SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Parse Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the literalizeRegexPart function. The issue results from the lack of proper...

CVSS: 8.6, AI score: 6.4, EPSS: 0.0103
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/15 12:0 a.m. • 4 views

Centreon testServiceExistence SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the testServiceExistence function. The issue results from the lack of proper validation of a...

CVSS: 8.8, AI score: 7.8, EPSS: 0.01133
Exploits: 0

Zero Day Initiative • added 2024/07/11 12:0 a.m. • 19 views

(Pwn2Own) Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Synology BC500 cameras. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS: 7.8, AI score: 7.6, EPSS: 0.00668
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/11 12:0 a.m. • 26 views

(Pwn2Own) Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability

This vulnerability allows remote attackers to bypass firewall rules and access the LAN interface on affected installations of Synology RT6600ax routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of firewall rules. The issue results from...

CVSS: 6.6, AI score: 7.4, EPSS: 0.00523
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/11 12:0 a.m. • 11 views

(Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability

This vulnerability allows network-adjacent attackers to downgrade Synology software on affected installations of Synology BC500 cameras. Authentication is required to exploit this vulnerability. The specific flaw exists within the update functionality. The issue results from the lack of proper...

CVSS: 6.8, AI score: 7, EPSS: 0.00867
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/11 12:0 a.m. • 22 views

(Pwn2Own) Synology BC500 synocam_param.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BC500 cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the synocam_param.cgi module. The issue results from the lack of proper...

CVSS: 8.8, AI score: 7.5, EPSS: 0.01444
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/05 12:0 a.m. • 15 views

ESET Smart Security Premium Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the ESET Service. By creating a symbolic link, an...

CVSS: 7.3, AI score: 7.1, EPSS: 0.00308
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/05 12:0 a.m. • 8 views

Trend Micro Apex One modOSCE SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is required to exploit this vulnerability. The specific flaw exists within the client management functionality. The issue results from the lack of proper validati...

CVSS: 7.5, AI score: 7.5, EPSS: 0.02016
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 6 views

Progress Software WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetASPReport method. The issue results from the lack of...

CVSS: 7.1, AI score: 6.2, EPSS: 0.00477
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 8 views

Progress Software WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CommunityController class. The issue results from the lack of proper...

CVSS: 9.8, AI score: 7.5, EPSS: 0.24306
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 4 views

Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Parse Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the literalizeRegexPart function. The issue results from the lack of proper validation of a...

CVSS: 9.8, AI score: 7.3, EPSS: 0.20171
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 15 views

Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the GetFileWithoutZip method. The issue results from th...

CVSS: 9.8, AI score: 7.4, EPSS: 0.99288
Exploits: 1, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 9 views

Progress Software WhatsUp Gold APM Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the APM module. The issue results from the lack of proper validation of...

CVSS: 8.8, AI score: 7.5, EPSS: 0.1733
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 10 views

Progress Software WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WriteDataFile method. The issue results from the lack of proper...

CVSS: 9.8, AI score: 7.4, EPSS: 0.64779
Exploits: 1, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 6 views

Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the SessionControler class. The issue results from the lack ...

CVSS: 7.1, AI score: 8.9, EPSS: 0.00525
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 8 views

Progress Software WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the OnMessage method. The issue results from the lack of...

CVSS: 7.2, AI score: 7.5, EPSS: 0.22367
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 6 views

Progress Software WhatsUp Gold InstallController Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the InstallController class. The issue results from the lac...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00847
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 7 views

Progress Software WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetWindowsCredential method. The issue results from the lack ...

CVSS: 7.5, AI score: 8.6, EPSS: 0.00525
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 9 views

Progress Software WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the LoadCSSUsingBasePath method. The issue...

CVSS: 5.3, AI score: 6.1, EPSS: 0.00771
Exploits: 0, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 9 views

Progress Software WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. An attacker must first obtain the ability to execute low-privileged code on the target system or send an HTTP request from a local machine in order to exploit this...

CVSS: 8.4, AI score: 6.8, EPSS: 0.1503
Exploits: 2, References: 1

Zero Day Initiative • added 2024/07/03 12:0 a.m. • 14 views

Progress Software WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LoadUsingBasePath method. The issue results from the lack of...

CVSS: 5.3, AI score: 6.1, EPSS: 0.00771
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/26 12:0 a.m. • 8 views

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of...

CVSS: 8.1, AI score: 7.1, EPSS: 0.71598
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/25 12:0 a.m. • 4 views

VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the License Server. The issue results from the lack of...

CVSS: 5.3, AI score: 6.5, EPSS: 0.00706
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 22 views

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BLE AppAuthenRequest command...

CVSS: 6.5, AI score: 7.2, EPSS: 0.00813
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 13 views

(Pwn2Own) Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdCreatSHA256Hash function. The issue results from the lack...

CVSS: 6.8, AI score: 7.5, EPSS: 0.00975
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 24 views

(Pwn2Own) Ubiquiti Networks EV Station setDebugPortEnabled Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Ubiquiti Networks EV Station. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVSS: 8, AI score: 7.5, EPSS: 0.0044
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 23 views

(Pwn2Own) Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of software updates. The issue results from the lack of...

CVSS: 6.8, AI score: 7, EPSS: 0.01673
Exploits: 2, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results...

CVSS: 6.8, AI score: 7.2, EPSS: 0.00733
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 Improper Access Control Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules and access another interface on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of firewa...

CVSS: 5, AI score: 6.8, EPSS: 0.00391
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 HomePlug Protocol Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the HomePlug Green PHY Protocol...

CVSS: 4.3, AI score: 6.3, EPSS: 0.01161
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 26 views

(Pwn2Own) Silicon Labs Gecko OS http_download Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the http_download command. The issue results from t...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00447
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Improper Log Output Neutralization Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to inject malicious content into log files on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of logging. The...

CVSS: 3.1, AI score: 7.2, EPSS: 0.00686
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 13 views

(Pwn2Own) Samsung Galaxy S23 Galaxy Store Deeplink Permissive List of Allowed Inputs Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S23 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS: 8.8, AI score: 7.2
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 22 views

(Pwn2Own) Silicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP GET requests. The issue results from the lack of...

CVSS: 8.8, AI score: 7.5, EPSS: 0.00506
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 15 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol UpdateFirmware Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the location parameter of the...

CVSS: 7.5, AI score: 7.2, EPSS: 0.0147
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 16 views

(Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSIDs embedded in scanned QR codes. The issue results...

CVSS: 6.8, AI score: 7.5, EPSS: 0.02175
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 29 views

(Pwn2Own) Samsung Galaxy S23 instantgame Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S23 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS: 8.8, AI score: 7.2, EPSS: 0.00968
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 17 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 Config Manager Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CharxSystemConfigManager service, which listens on...

CVSS: 7.5, AI score: 7.3, EPSS: 0.01404
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 41 views

(Pwn2Own) HP Color LaserJet Pro MFP 4301fdw CFF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro MFP 4301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of embedded fonts. The issue results fr...

CVSS: 8.8, AI score: 7.2, EPSS: 0.01342
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 21 views

(Pwn2Own) Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...

CVSS: 8, AI score: 7.4, EPSS: 0.00464
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) QNAP TS-464 TURN Server create_session Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the create_session action. The issue results from the lack of...

CVSS: 7.3, AI score: 7.1, EPSS: 0.00419
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 16 views

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLB_HostHeartBeat handler of the...

CVSS: 8.8, AI score: 7.5, EPSS: 0.00957
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 21 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Missing Encryption Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP protocol. The issue...

CVSS: 6.3, AI score: 7, EPSS: 0.00309
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 20 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 ClientSession Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of ClientSession objects in the...

CVSS: 8.8, AI score: 7.3, EPSS: 0.00621
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 28 views

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...

CVSS: 8, AI score: 7.6, EPSS: 0.00804
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 7 views

(0Day) Zope CMFCore Uncontrolled Resource Consumption Denial-of-Service Vulnerability

This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Zope Application Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the contentFilter class. The issue results from...

CVSS: 7.5, AI score: 6.7
Exploits: 0

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 23 views

(Pwn2Own) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Realtek Wi-Fi kernel module. The issue results from the lack of...

CVSS: 9.6, AI score: 7.4, EPSS: 0.00968
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 12 views

(Pwn2Own) QNAP TS-464 Improper Validation Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication logic. The issue results from improper validation of the...

CVSS: 9.8, AI score: 9.6, EPSS: 0.02315
Exploits: 0, References: 1

Zero Day Initiative • added 2024/06/21 12:0 a.m. • 14 views

(Pwn2Own) Ubiquiti Networks EV Station changeUserPassword Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Ubiquiti Networks EV Station. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password change functionality. The issue results from the lac...

CVSS: 8.8, AI score: 7.4, EPSS: 0.00341
Exploits: 0, References: 1

Total number of security vulnerabilities: 16763