Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. An attacker can leverage this vulnerability to execute code in the context of root. The issue results from the lack of proper error handling when parsing AppleDouble entries. The specific flaw exists within the parse_entries function. Authentication is not required to exploit this vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. HGiga PowerStation has a vulnerability of Information Leakage. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.\n\n Versions prior to \n\n1.9.03.009\n\n have this vulnerability. Windows Network File System Remote Code Execution VulnerabilityÄelta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command. There is a command execution vulnerability in a ZTE conference management system. In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled. \n\n\n\n\nSnap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.\n\n\n\n\n\n\n\n\n\n
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |