Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system.
Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.
Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system.
Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php.
Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained.
In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot).
Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php.
When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdu
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication.
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Page 1+ Next →