Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-9026
ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected.
Eltex-co Ntp-2 Firmware 3.25.1.1226
Eltex-co Ntp-rg-1402g Firmware 3.25.3.32
10
CVSSv2
CVE-2020-9027
ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.
Eltex-co Ntp-2 Firmware 3.25.1.1226
Eltex-co Ntp-rg-1402g Firmware 3.25.3.32
10
CVSSv2
CVE-2020-9020
Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.
Iteris Vantage Velocity Firmware 2.3.1
Iteris Vantage Velocity Firmware 2.4.2
Iteris Vantage Velocity Firmware 3.0
10
CVSSv2
CVE-2015-5989
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote malicious users to obtain administrative privileges via certain changes to LockStatus and Login_Success values.
Belkin N600 Db Wi-fi Dual-band N\\\\\\+ Router F9k1102 Firmware 2.10.17
10
CVSSv2
CVE-2012-1288
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote malicious users to obtain access via an HTTP session.
Utc Utc Fire \\& Security Ge-mc100-ntp\\/gps-zb Master Clock Device -
10
CVSSv2
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote malicious users to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.6
Wireshark Wireshark 0.10.4
Wireshark Wireshark 0.99
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.12
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.8
Wireshark Wireshark 0.99.1
Ethereal Group Ethereal 0.10.0
Ethereal Group Ethereal 0.10.0a
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.3
Wireshark Wireshark 0.10
Wireshark Wireshark 0.10.13
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.10.14
Ethereal Group Ethereal 0.10.9
10
CVSSv2
CVE-2001-0414
Buffer overflow in ntpd ntp daemon 4.0.99k and previous versions (aka xntpd and xntp3) allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
Dave Mills Ntpd 4.0.99b
Dave Mills Ntpd 4.0.99c
Dave Mills Xntp3 5.93
Dave Mills Xntp3 5.93a
Dave Mills Ntpd 4.0.99
Dave Mills Ntpd 4.0.99a
Dave Mills Ntpd 4.0.99h
Dave Mills Ntpd 4.0.99i
Dave Mills Ntpd 4.0.99j
Dave Mills Ntpd
Dave Mills Ntpd 4.0.99f
Dave Mills Ntpd 4.0.99g
Dave Mills Xntp3 5.93d
Dave Mills Xntp3 5.93e
Dave Mills Ntpd 4.0.99d
Dave Mills Ntpd 4.0.99e
Dave Mills Xntp3 5.93b
Dave Mills Xntp3 5.93c
3 EDB exploits
9.3
CVSSv2
CVE-2018-18638
A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network malicious users to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.
Neatorobotics Botvac Connected Firmware 2.2.0
9.3
CVSSv2
CVE-2015-5988
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote malicious users to obtain administrative privileges by leveraging a LAN session.
Belkin N600 Db Wi-fi Dual-band N\\\\\\+ Router F9k1102 Firmware 2.10.17
9
CVSSv2
CVE-2021-30166
The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.
Meritlilin P2r8852e2 Firmware
Meritlilin P2r8852e4 Firmware
Meritlilin P2r6852e2 Firmware
Meritlilin P2r6852e4 Firmware
Meritlilin P2r6552e2 Firmware
Meritlilin P2r6552e4 Firmware
Meritlilin P2r6352ae2 Firmware
Meritlilin P2r6352ae4 Firmware
Meritlilin P2r3052ae2 Firmware
Meritlilin P2g1052 Firmware
Meritlilin P2r8822e2 Firmware
Meritlilin P2r8822e4 Firmware
Meritlilin P2r6822e2 Firmware
Meritlilin P2r6822e4 Firmware
Meritlilin P2r6522e2 Firmware
Meritlilin P2r6522e4 Firmware
Meritlilin P2r6322ae2 Firmware
Meritlilin P2r6322ae4 Firmware
Meritlilin P2r3022ae2 Firmware
Meritlilin P2g1022 Firmware
Meritlilin P2g1022x Firmware
Meritlilin Z2r8852ax Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »