Lucene search
K

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

🗓️ 17 Oct 2023 10:16:00Reported by The Hacker NewsType 
thn
 thn
🔗 thehackernews.com👁 135 Views

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers. Critical vulnerability (CVE-2023-43261) exposes sensitive data and allows unauthorized access

Related
ReporterTitlePublishedViews
Family
0day.today
Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage Exploit
5 Feb 202400:00
zdt
ATTACKERKB
CVE-2023-43261
4 Oct 202312:15
attackerkb
BDU FSTEC
The vulnerability of Milesight UR5X, UR32L, UR32, UR35, and UR41 router microprogramming systems lies in the insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.
11 Oct 202300:00
bdu_fstec
BDU FSTEC
The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in the improper restriction on the path name to the restricted directory. This allows attackers to read arbitrary files from the file system.
19 Oct 202300:00
bdu_fstec
BDU FSTEC
The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in the improper restriction on the path name to the restricted directory. This allows attackers to write files to any location within the file system.
20 Oct 202300:00
bdu_fstec
BDU FSTEC
The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in improper session management, allowing attackers to execute arbitrary code.
20 Oct 202300:00
bdu_fstec
BDU FSTEC
The vulnerability of Titan SFTP and Titan MFT NextGen server software lies in improper default permissions, allowing unauthorized access by attackers to protected information.
20 Oct 202300:00
bdu_fstec
BDU FSTEC
The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in the improper limitation of the path name for the restricted access directory. This allows a perpetrator to obtain an arbitrary file size from the file system.
20 Oct 202300:00
bdu_fstec
Circl
CVE-2023-43261
2 Oct 202310:59
circl
Circl
CVE-2023-45685
16 Oct 202320:31
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation