Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 524 525 526 527 528 529 530 531 532 533 [534] 535 536 537 538 539 540 541 542 543 544 ... Result(s) : 43383

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2022-08-10 CVE-2022-35536 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.
9.8 2022-08-10 CVE-2022-35535 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.
9.8 2022-08-10 CVE-2022-35534 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_s...
9.8 2022-08-10 CVE-2022-35533 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.
9.8 2022-08-10 CVE-2022-35526 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.
9.8 2022-08-10 CVE-2022-35525 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml.
9.8 2022-08-10 CVE-2022-35524 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wl...
9.8 2022-08-10 CVE-2022-35523 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_l...
9.8 2022-08-10 CVE-2022-35522 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to comman...
9.8 2022-08-10 CVE-2022-35521 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and bloc...
9.8 2022-08-10 CVE-2022-35520 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exi...
9.8 2022-08-10 CVE-2022-35519 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.
9.8 2022-08-10 CVE-2022-35518 cve WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml.
9.8 2022-08-10 CVE-2022-35491 cve TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
9.8 2022-08-10 CVE-2022-35426 cve UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file.
9.1 2022-08-10 CVE-2022-35293 cve Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access to user's account. On successful exploitation, an attacker can view or ...
9.8 2022-08-10 CVE-2022-32429 cve An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attacke...
9.8 2022-08-10 CVE-2022-38129 cve A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows a...
9.8 2022-08-10 CVE-2022-35280 cve IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise ...
9.8 2022-08-10 CVE-2022-38130 cve The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file...
Page(s) : 1 ... 524 525 526 527 528 529 530 531 532 533 [534] 535 536 537 538 539 540 541 542 543 544 ... Result(s) : 43383