Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stefan viehbock vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26213
On Barracuda CloudGen WAN Private Edge Gateway devices prior to 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated malicious user to execute arbitrary commands. For example,...
Barracuda T100b Firmware 8.3.1
Barracuda T200c Firmware 8.3.1
Barracuda T400c Firmware 8.3.1
Barracuda T600d Firmware 8.3.1
Barracuda T900b Firmware 8.3.1
Barracuda T93a Firmware 8.3.1
Barracuda T193a Firmware 8.3.1
4.3
CVSSv2
CVE-2018-9195
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiCl...
Fortinet Forticlient
Fortinet Fortios
6.4
CVSSv2
CVE-2018-17915
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an malicious user to eavesdrop on video feeds, steal XMeye login credentials, ...
Xiongmaitech Xmeye P2p Cloud Server -
5
CVSSv2
CVE-2018-17917
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps.
Xiongmaitech Xmeye P2p Cloud Server
6.4
CVSSv2
CVE-2018-17919
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
Xiongmaitech Xmeye P2p Cloud Server
3.5
CVSSv2
CVE-2017-14186
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An...
Fortinet Fortios
6.8
CVSSv2
CVE-2018-7801
A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and previous versions, which could enable access with maximum privileges when a remote code execution is performed.
Schneider-electric Evlink Parking Firmware
10
CVSSv2
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
6.5
CVSSv2
CVE-2021-22708
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
7.8
CVSSv2
CVE-2015-3035
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302,...
Tp-link Tl-wr841n \\(9.0\\) Firmware
Tp-link Tl-wr740n \\(5.0\\) Firmware
Tp-link Archer C5 \\(1.2\\) Firmware
Tp-link Tl-wr841n \\(10.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\)
Tp-link Tl-wdr3600 \\(1.0\\) Firmware
Tp-link Archer C7 \\(2.0\\) Firmware
Tp-link Tl-wr841nd \\(10.0\\) Firmware 150104
Tp-link Archer C9 \\(1.0\\) Firmware
Tp-link Tl-wr841nd \\(9.0\\) Firmware
Tp-link Archer C8 \\(1.0\\) Firmware
Tp-link Tl-wdr4300 \\(1.0\\) Firmware
Tp-link Tl-wdr3500 \\(1.0\\) Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »