|
195231
|
9.8 |
CRITICAL
Network
|
dlink
|
dap-1880ac_firmware
|
Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-20697
|
2024-11-21 14:47 |
2021-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195232
|
8.8 |
HIGH
Network
|
dlink
|
dap-1880ac_firmware
|
DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program.
|
CWE-78
OS Command
|
CVE-2021-20696
|
2024-11-21 14:47 |
2021-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195233
|
8.8 |
HIGH
Network
|
dlink
|
dap-1880ac_firmware
|
Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to gain root privileges via unspecified vecto…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20695
|
2024-11-21 14:47 |
2021-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195234
|
8.8 |
HIGH
Network
|
dlink
|
dap-1880ac_firmware
|
Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified…
|
NVD-CWE-Other
|
CVE-2021-20694
|
2024-11-21 14:47 |
2021-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195235
|
7.5 |
HIGH
Network
|
gurunavi
|
gurunavi
|
Improper access control vulnerability in Gurunavi App for Android ver.10.0.10 and earlier and for iOS ver.11.1.2 and earlier allows a remote attacker to lead a user to access an arbitrary website via…
|
CWE-862
Missing Authorization
|
CVE-2021-20693
|
2024-11-21 14:47 |
2021-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195236
|
7.5 |
HIGH
Network
|
fibaro
|
home_center_2_firmware
home_center_lite_firmware
|
In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface over unencrypted HTTP protocol. Communication between the user and the device can be eavesdropped to …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-20992
|
2024-11-21 14:47 |
2021-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195237
|
8.8 |
HIGH
Network
|
fibaro
|
home_center_2_firmware
home_center_lite_firmware
|
In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability.
|
CWE-77
Command Injection
|
CVE-2021-20991
|
2024-11-21 14:47 |
2021-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195238
|
7.5 |
HIGH
Network
|
fibaro
|
home_center_2_firmware
home_center_lite_firmware
|
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal management service is accessible on port 8000 and some API endpoints could be accessed without authenticatio…
|
-
|
CVE-2021-20990
|
2024-11-21 14:47 |
2021-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195239
|
6.5 |
MEDIUM
Local
|
adobe
|
robohelp
|
Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to …
|
-
|
CVE-2021-21070
|
2024-11-21 14:47 |
2021-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195240
|
7.8 |
HIGH
Local
|
adobe
|
digital_editions
|
Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to ac…
|
-
|
CVE-2021-21100
|
2024-11-21 14:47 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
