Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system.
Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.
Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system.
Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php.
Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained.
In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot).
Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php.
When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdu
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication.
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
An attacker with local access the to medical office computer can
escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by
exploiting a command injection vulnerability in the Elefant Update
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Page 1+ Next →