Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gateway firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31446
In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.
Cassianetworks Xc1000 Firmware 2.1.1.2303082218
Cassianetworks Xc2000 Firmware 2.1.1.2303090947
1 Github repository
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
NA
CVE-2023-32156
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability. The specific flaw exist...
NA
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection e...
Cisco Firepower Threat Defense
Cisco Cyber Vision
Cisco Unified Threat Defense
Cisco Meraki Mx Security Appliance Firmware -
NA
CVE-2023-4966
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
Citrix Netscaler Gateway
Citrix Netscaler Application Delivery Controller
17 Github repositories
7 Articles
NA
CVE-2023-27917
OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firm...
Contec Cps-mg341-adsc1-111 Firmware
Contec Cps-mg341-adsc1-931 Firmware
Contec Cps-mg341g-adsc1-111 Firmware
Contec Cps-mg341g-adsc1-930 Firmware
Contec Cps-mg341g5-adsc1-931 Firmware
Contec Cps-mc341-adsc1-111 Firmware
Contec Cps-mc341-adsc1-931 Firmware
Contec Cps-mc341-adsc2-111 Firmware
Contec Cps-mc341g-adsc1-110 Firmware
Contec Cps-mc341q-adsc1-111 Firmware
Contec Cps-mc341-ds1-111 Firmware
Contec Cps-mc341-ds11-111 Firmware
Contec Cps-mc341-ds2-911 Firmware
Contec Cps-mc341-a1-111 Firmware
Contec Cps-mcs341-ds1-111 Firmware
Contec Cps-mcs341-ds1-131 Firmware
Contec Cps-mcs341g-ds1-130 Firmware
Contec Cps-mcs341g5-ds1-130 Firmware
Contec Cps-mcs341q-ds1-131 Firmware
2 Github repositories
NA
CVE-2023-27389
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execu...
Contec Cps-mg341-adsc1-111 Firmware
Contec Cps-mg341-adsc1-931 Firmware
Contec Cps-mg341g-adsc1-111 Firmware
Contec Cps-mg341g-adsc1-930 Firmware
Contec Cps-mg341g5-adsc1-931 Firmware
Contec Cps-mc341-adsc1-111 Firmware
Contec Cps-mc341-adsc1-931 Firmware
Contec Cps-mc341-adsc2-111 Firmware
Contec Cps-mc341g-adsc1-110 Firmware
Contec Cps-mc341q-adsc1-111 Firmware
Contec Cps-mc341-ds1-111 Firmware
Contec Cps-mc341-ds11-111 Firmware
Contec Cps-mc341-ds2-911 Firmware
Contec Cps-mc341-a1-111 Firmware
Contec Cps-mcs341-ds1-111 Firmware
Contec Cps-mcs341-ds1-131 Firmware
Contec Cps-mcs341g-ds1-130 Firmware
Contec Cps-mcs341g5-ds1-130 Firmware
Contec Cps-mcs341q-ds1-131 Firmware
2 Github repositories
NA
CVE-2023-23575
Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated malicious user to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and v...
Contec Cps-mg341-adsc1-111 Firmware
Contec Cps-mg341-adsc1-931 Firmware
Contec Cps-mg341g-adsc1-111 Firmware
Contec Cps-mg341g-adsc1-930 Firmware
Contec Cps-mg341g5-adsc1-931 Firmware
Contec Cps-mc341-adsc1-111 Firmware
Contec Cps-mc341-adsc1-931 Firmware
Contec Cps-mc341-adsc2-111 Firmware
Contec Cps-mc341g-adsc1-110 Firmware
Contec Cps-mc341q-adsc1-111 Firmware
Contec Cps-mc341-ds1-111 Firmware
Contec Cps-mc341-ds11-111 Firmware
Contec Cps-mc341-ds2-911 Firmware
Contec Cps-mc341-a1-111 Firmware
Contec Cps-mcs341-ds1-111 Firmware
Contec Cps-mcs341-ds1-131 Firmware
Contec Cps-mcs341g-ds1-130 Firmware
Contec Cps-mcs341g5-ds1-130 Firmware
Contec Cps-mcs341q-ds1-131 Firmware
NA
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects all Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 (included).
Solar-log Solar-log 250 Firmware
Solar-log Solar-log 300 Firmware
Solar-log Solar-log 500 Firmware
Solar-log Solar-log 800e Firmware
Solar-log Solar-log 1000 Firmware
Solar-log Solar-log 1000 Pm\\+ Firmware
Solar-log Solar-log 1200 Firmware
Solar-log Solar-log 2000 Firmware
Solar-log Solar-log 50 Firmware
NA
CVE-2020-22654
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) prior to 3.6.2.0.795, SmartZone 100 (SZ-100) prior to 3.6.2.0.795, SmartZone 300 (SZ300)...
Ruckuswireless R310 Firmware 10.5.1.0.199
Ruckuswireless R500 Firmware 10.5.1.0.199
Ruckuswireless R600 Firmware 10.5.1.0.199
Ruckuswireless T300 Firmware 10.5.1.0.199
Ruckuswireless T301n Firmware 10.5.1.0.199
Ruckuswireless T301s Firmware 10.5.1.0.199
Ruckuswireless Scg200 Firmware
Ruckuswireless Sz-100 Firmware
Ruckuswireless Sz-300 Firmware
Ruckuswireless Vsz Firmware
Ruckuswireless Zonedirector 1100 Firmware 9.10.2.0.130
Ruckuswireless Zonedirector 1200 Firmware 10.2.1.0.218
Ruckuswireless Zonedirector 3000 Firmware 10.2.1.0.218
Ruckuswireless Zonedirector 5000 Firmware 10.0.1.0.151
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »