Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
visionsoft audit 12.4.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4149
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote malicious users to create or overwrite arbitrary files; (2) the SETTINGSFILE command, which allows remote maliciou...
Visionsoft Audit 12.4.0.0
NA
CVE-2007-4151
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote malicious users to obtain sensitive information via (1) a LOG.ON command, which reveals the logging pathname in the server response; (2) a VER command, which reveals the version number in th...
Visionsoft Audit 12.4.0.0
NA
CVE-2007-4152
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote malicious users to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit.
Visionsoft Audit 12.4.0.0
NA
CVE-2007-4148
Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote malicious users to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG." command.
Visionsoft Audit 12.4.0.0
7.5
CVSSv3
CVE-2007-4150
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote malicious users to obtain sensitive information by sniffing the network; and (2) storing passwords in the configuration fi...
Visionsoft Audit 12.4.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started