stefan viehbock vulnerabilities and exploits

(subscribe to this query)

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiCl...

Fortinet Forticlient Fortinet Fortios

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An...

Fortinet Fortios

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...

Schneider-electric Evlink City Evc1s22p4 Firmware Schneider-electric Evlink City Evc1s7p4 Firmware Schneider-electric Evlink Parking Evw2 Firmware Schneider-electric Evlink Parking Evf2 Firmware Schneider-electric Evlink Parking Ev.2 Firmware Schneider-electric Evlink Smart Wallbox Evb1a Firmware

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an malicious user to eavesdrop on video feeds, steal XMeye login credentials, ...

Xiongmaitech Xmeye P2p Cloud Server -

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps.

Xiongmaitech Xmeye P2p Cloud Server

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.

Xiongmaitech Xmeye P2p Cloud Server

Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302,...

Tp-link Tl-wr841n \\(9.0\\) Firmware Tp-link Tl-wr740n \\(5.0\\) Firmware Tp-link Archer C5 \\(1.2\\) Firmware Tp-link Tl-wr841n \\(10.0\\) Firmware Tp-link Tl-wr741nd \\(5.0\\) Firmware Tp-link Tl-wr741nd \\(5.0\\)Tp-link Tl-wdr3600 \\(1.0\\) Firmware Tp-link Archer C7 \\(2.0\\) Firmware Tp-link Tl-wr841nd \\(10.0\\) Firmware 150104 Tp-link Archer C9 \\(1.0\\) Firmware Tp-link Tl-wr841nd \\(9.0\\) Firmware Tp-link Archer C8 \\(1.0\\) Firmware Tp-link Tl-wdr4300 \\(1.0\\) Firmware Tp-link Tl-wdr3500 \\(1.0\\) Firmware

A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and previous versions, which could enable access with maximum privileges when a remote code execution is performed.

Schneider-electric Evlink Parking Firmware

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R...

Schneider-electric Evlink City Evc1s22p4 Firmware Schneider-electric Evlink City Evc1s7p4 Firmware Schneider-electric Evlink Parking Evw2 Firmware Schneider-electric Evlink Parking Evf2 Firmware Schneider-electric Evlink Parking Ev.2 Firmware Schneider-electric Evlink Smart Wallbox Evb1a Firmware

On Barracuda CloudGen WAN Private Edge Gateway devices prior to 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated malicious user to execute arbitrary commands. For example,...

Barracuda T100b Firmware 8.3.1 Barracuda T200c Firmware 8.3.1 Barracuda T400c Firmware 8.3.1 Barracuda T600d Firmware 8.3.1 Barracuda T900b Firmware 8.3.1 Barracuda T93a Firmware 8.3.1 Barracuda T193a Firmware 8.3.1

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook