๐จ CVE-2023-4330
Broadcom RAID Controller web interface is vulnerable Denial of Service can be caused by an authenticated user to the REST API Interface
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable Denial of Service can be caused by an authenticated user to the REST API Interface
๐@cveNotify
๐จ CVE-2023-4329
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
๐@cveNotify
๐จ CVE-2023-4328
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
๐@cveNotify
๐จ CVE-2023-4327
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
๐@cveNotify
๐จ CVE-2023-4326
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
๐@cveNotify
๐จ CVE-2023-4325
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities
๐@cveNotify
๐จ CVE-2023-4324
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
๐@cveNotify
๐จ CVE-2023-4323
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
๐@cveNotify
๐จ CVE-2023-38865
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject5 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38863
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject4 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38862
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject1 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
GitHub
my_iot_vul/WAVLINK/WL-WN575A3 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
๐จ CVE-2023-38401
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify
๐จ CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
๐@cveNotify
๐จ CVE-2023-38865
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject5 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38863
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject4 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38862
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject1 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
GitHub
my_iot_vul/WAVLINK/WL-WN575A3 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
๐จ CVE-2023-38401
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify