Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a78 allows remote malicious users to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
Servision Hvg Video Gateway Firmware
10
CVSSv2
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware prior to 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote malicious users to obtain access via an HTTP session.
Servision Hvg Video Gateway Firmware
10
CVSSv2
CVE-2014-9222
AllegroSoft RomPager 4.34 and previous versions, as used in Huawei Home Gateway products and other vendors and products, allows remote malicious users to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
Allegrosoft Rompager
4 Metasploit modules
1 Nmap script
3 Github repositories
2 Articles
10
CVSSv2
CVE-2014-3306
The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote malicious users to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808.
Cisco Epc3825 -
Cisco Dpc3010 -
Cisco Dpc3925 -
Cisco Dpq3925 -
Cisco Dpc3825 -
Cisco Epc3925 -
Cisco Dpc3212 -
Cisco Epc3212 -
Cisco Epc3010 -
10
CVSSv2
CVE-2012-2953
The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary commands via crafted input to application scripts.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
2 EDB exploits
10
CVSSv2
CVE-2012-2976
The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.2
10
CVSSv2
CVE-2012-2974
The web interface on the SMC SMC8024L2 switch allows remote malicious users to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) sec...
Smc Smc8024l2 Switch
10
CVSSv2
CVE-2012-0297
The management GUI in Symantec Web Gateway 5.0.x prior to 5.0.3 does not properly restrict access to application scripts, which allows remote malicious users to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.2
4 EDB exploits
10
CVSSv2
CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x prior to 5.0.3 allow remote malicious users to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
1 EDB exploit
10
CVSSv2
CVE-2011-4862
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 up to and including 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and previous versions, Heimdal 1.5.1 and previous versions, GNU inetutils, and possibly other products allows remote malicious users...
Gnu Inetutils
Heimdal Project Heimdal
Mit Krb5-appl
Freebsd Freebsd
Fedoraproject Fedora 15
Fedoraproject Fedora 16
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
3 EDB exploits
4 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »