|
212691
|
7.5 |
HIGH
Network
|
evenroute
|
iqrouter_firmware
|
In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new ne…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-11968
|
2024-11-21 13:59 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212692
|
9.8 |
CRITICAL
Network
|
evenroute
|
iqrouter_firmware
|
In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can o…
|
CWE-862
Missing Authorization
|
CVE-2020-11967
|
2024-11-21 13:59 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212693
|
9.8 |
CRITICAL
Network
|
evenroute
|
iqrouter_firmware
|
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only o…
|
CWE-521
Weak Password Requirements
|
CVE-2020-11966
|
2024-11-21 13:59 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212694
|
9.8 |
CRITICAL
Network
|
evenroute
|
iqrouter_firmware
|
In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a bran…
|
CWE-287
Improper Authentication
|
CVE-2020-11965
|
2024-11-21 13:59 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212695
|
7.5 |
HIGH
Network
|
evenroute
|
iqrouter_firmware
|
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can onl…
|
CWE-287
Improper Authentication
|
CVE-2020-11964
|
2024-11-21 13:59 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212696
|
- |
|
-
|
-
|
AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the
command queue can use it to launch an attack by running any executable on the AdvaBuild node. The
exec…
|
-
|
CVE-2020-11640
|
2024-11-21 13:58 |
2024-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212697
|
- |
|
-
|
-
|
An attacker could exploit the vulnerability by
injecting garbage data or specially crafted data. Depending on the data injected each process might be
affected differently. The process could crash or …
|
-
|
CVE-2020-11639
|
2024-11-21 13:58 |
2024-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212698
|
6.5 |
MEDIUM
Network
|
netiq
|
access_manager
|
This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before
|
NVD-CWE-noinfo
|
CVE-2020-11843
|
2024-11-21 13:58 |
2024-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212699
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account M…
|
-
|
CVE-2020-11862
|
2024-11-21 13:58 |
2024-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212700
|
4.8 |
MEDIUM
Network
|
stormshield
|
stormshield_network_security
|
An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel…
|
CWE-79
Cross-site Scripting
|
CVE-2020-11711
|
2024-11-21 13:58 |
2023-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
