Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0390
Buffer overflow in the HTTP redirection capability in conn.c for Axel prior to 1.0b may allow remote malicious users to execute arbitrary code.
Axel Axel 1.0a
6.8
CVSSv3
CVE-2018-12323
An issue exists on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate malicious users to login at the console.
Apollotechnologiesinc Momentum Axel 720p
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
5.9
CVSSv3
CVE-2020-13614
An issue exists in ssl.c in Axel prior to 2.17.8. The TLS implementation lacks hostname verification.
Axel Project Axel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
4.4
CVSSv3
CVE-2018-12261
An issue exists on Momentum Axel 720P 5.1.8 devices. All processes run as root.
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
7.4
CVSSv3
CVE-2018-10328
Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account, which allows remote malicious users to view the RTSP video stream.
Momentum Momentum Axel 720p Firmware 5.1.8
6.8
CVSSv3
CVE-2018-12259
An issue exists on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise.
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
6.7
CVSSv3
CVE-2018-12260
An issue exists on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
6.8
CVSSv3
CVE-2018-12258
An issue exists on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting.
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
4.4
CVSSv3
CVE-2018-12257
An issue exists on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in /e...
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
1 Github repository
5.3
CVSSv3
CVE-2021-38165
Lynx up to and including 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote malicious users to discover cleartext credentials because they may appear in SNI data.
Lynx Project Lynx
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »