Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp tftp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-1484
Alcatel ADSL modems allow remote malicious users to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication.
Alcatel Speed Touch Adsl Modem Home
Alcatel Adsl Modem 1000
9.8
CVSSv3
CVE-2019-5482
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Http Server 12.2.1.4.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
NA
CVE-2002-1968
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions prior to 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a mali...
Com21 Doxport 1100 2.1.1.106
9.8
CVSSv3
CVE-2020-29381
An issue exists on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a craf...
Vsolcn V1600d Firmware 2.03.57
Vsolcn V1600d Firmware 2.03.69
Vsolcn V1600d4l Firmware 1.01.49
Vsolcn V1600d-mini Firmware 1.01.48
Vsolcn V1600g1 Firmware 1.9.7
Vsolcn V1600g1 Firmware 2.0.7
Vsolcn V1600g2 Firmware 1.1.4
7.5
CVSSv3
CVE-2019-0603
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulne...
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 7 -
Microsoft Windows 10 1607
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 8.1 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1 -
2 Articles
7.8
CVSSv3
CVE-2019-5436
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 up to and including 7.64.1.
Haxx Libcurl
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Debian Debian Linux 9.0
Debian Debian Linux 10.0
F5 Traffix Signaling Delivery Controller
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Mysql Server
Oracle Oss Support Tools 20.0
9.8
CVSSv3
CVE-2018-8476
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, W...
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 R2
NA
CVE-2006-5584
The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote malicious users to upload and overwrite arbitrary files to gain privileges on systems that use RIS.
Microsoft Windows 2000
NA
CVE-2000-0015
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
Ascend Cascadeview Ux 1.0
1 EDB exploit
NA
CVE-2014-0739
Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and previous versions allows remote malicious users to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-f...
Cisco Adaptive Security Appliance Software 9.1\\(3\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »