Page(s) : 1 ... 524 525 526 527 528 529 530 531 532 533 [534] 535 536 537 538 539 540 541 542 543 544 ... | Result(s) : 43383 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
9.8 | 2022-08-10 | CVE-2022-35536 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml. |
9.8 | 2022-08-10 | CVE-2022-35535 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml. |
9.8 | 2022-08-10 | CVE-2022-35534 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_s... |
9.8 | 2022-08-10 | CVE-2022-35533 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml. |
9.8 | 2022-08-10 | CVE-2022-35526 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml. |
9.8 | 2022-08-10 | CVE-2022-35525 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml. |
9.8 | 2022-08-10 | CVE-2022-35524 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wl... |
9.8 | 2022-08-10 | CVE-2022-35523 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_l... |
9.8 | 2022-08-10 | CVE-2022-35522 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to comman... |
9.8 | 2022-08-10 | CVE-2022-35521 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and bloc... |
9.8 | 2022-08-10 | CVE-2022-35520 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exi... |
9.8 | 2022-08-10 | CVE-2022-35519 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml. |
9.8 | 2022-08-10 | CVE-2022-35518 | cve | WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml. |
9.8 | 2022-08-10 | CVE-2022-35491 | cve | TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. |
9.8 | 2022-08-10 | CVE-2022-35426 | cve | UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file. |
9.1 | 2022-08-10 | CVE-2022-35293 | cve | Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access to user's account. On successful exploitation, an attacker can view or ... |
9.8 | 2022-08-10 | CVE-2022-32429 | cve | An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attacke... |
9.8 | 2022-08-10 | CVE-2022-38129 | cve | A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows a... |
9.8 | 2022-08-10 | CVE-2022-35280 | cve | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise ... |
9.8 | 2022-08-10 | CVE-2022-38130 | cve | The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file... |
Page(s) : 1 ... 524 525 526 527 528 529 530 531 532 533 [534] 535 536 537 538 539 540 541 542 543 544 ... | Result(s) : 43383 |