Description
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
Base Score: 9.8 CRITICAL
CVE-2022-32749 Description Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3. Base Score: 7.5 HIGH https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 ________________________ CVE-2022-38659 Description In specific scenarios, on Windows the operator credentials may be encrypted in […]
CVE-2022-46609 Description Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. Base Score: 9.8 CRITICAL https://github.com/herry-zhang/Python3-RESTfulAPI/commit/1c2081dca357685b3180b9baeb7e761e9a10ca99 _______________________________ CVE-2022-44832 Description D-Link DIR-3040 device with firmware 120B03 was discovered to contain a […]
CVE-2023-23397 Description:Microsoft Outlook Elevation of Privilege Vulnerability CNA: Microsoft CorporationBase Score: 9.8 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
Leave a Reply