See a list of the latest CVEs we send weekly to subscribers.
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default blank password for the guest account.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. A custom encryption algorithm is used to store encrypted passwords. This algorithm will XOR the password with the hardcoded *j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g value.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.
oscommerce:oscommerce
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.
newsscriptphp:news_script_php_pro
SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.
newsscriptphp:news_script_php_pro
HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter.
hrsale:hrsale
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. Attackers can use "show system infor" to discover cleartext TELNET credentials.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. By default, the appliance can be managed remotely only with HTTP, telnet, and SNMP. It doesn't support SSL/TLS for HTTP or SSH. An attacker can intercept passwords sent in cleartext and conduct man-in-the-middle attacks on the management of the appliance.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. One can escape from a shell and acquire root privileges by leveraging the TFTP download configuration.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. It allows remote attackers to cause a denial of service (reboot) by sending random bytes to the telnet server on port 23, aka a "shawarma" attack.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. Attackers can discover cleartext web-server credentials via certain /opt/lighttpd/web/cgi/ requests.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default panger123 password for the suma123 account for certain old firmware.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default debug124 password for the debug account.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default root126 password for the root account.
cdata:9288_firmware cdata:97042p_firmware cdata:fd1216s-r1_firmware cdata:fd1208s-r2_firmware cdata:fd1204s-r2_firmware cdata:fd1204sn_firmware cdata:fd1204sn-r2_firmware cdata:92416a_firmware cdata:fd1108s_firmware cdata:fd1002s_firmware cdata:fd1616gs_firmware cdata:fd8000_firmware cdata:fd1616sn_firmware cdata:fd1104_firmware cdata:fd1104b_firmware cdata:fd1104s_firmware cdata:72408a_firmware cdata:97016_firmware cdata:fd1608gs_firmware cdata:97024p_firmware cdata:fd1608sn_firmware cdata:fd1104sn_firmware cdata:9008a_firmware cdata:97168p_firmware cdata:97084p_firmware cdata:9016a_firmware cdata:92408a_firmware cdata:97028p_firmware
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.
newsscriptphp:news_script_php_pro
A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders of the Connect Agent service binary path, being able to gain the privilege of the user who started the service. By default, the Enterprise Server and Enterprise Central is always installed at a location requiring Administrator privileges so the vulnerability is only valid if the application has been installed on a non-secure location.
se:enterprise_server_installer
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.
se:webreports
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Cross-Site Scripting stored attack against other WebReport users.
se:webreports
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a Cross-Site Scripting reflected attack against other WebReport users.
se:webreports
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial of service, server side request forgery due to improper configuration of the XML parser.
se:webreports
A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due to improper access control.
se:webreports
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL through 5.6.1 via the sowacgi.php typ parameter.
sokrates:sowasql
A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An attacker could exploit this vulnerability by sending SOAP API requests to affected devices for devices that are outside their authorized domain. A successful exploit could allow the attacker to access and modify information on devices that belong to a different domain.
cisco:iot_field_network_director
A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to gain access to the back-end database of an affected device. The vulnerability is due to insufficient input validation of REST API requests that are made to an affected device. An attacker could exploit this vulnerability by crafting malicious API requests to the affected device. A successful exploit could allow the attacker to gain access to the back-end database of the affected device.
cisco:iot_field_network_director
A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this vulnerability by using the xAPI service to generate a specific token. A successful exploit could allow the attacker to use the generated token to enable experimental features on the device that should not be available to users.
cisco:roomos cisco:telepresence_collaboration_endpoint
A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. The vulnerability is due to improper access control. An attacker could exploit this vulnerability by sending an API request that alters the domain for a requested user list on an affected system. A successful exploit could allow the attacker to view lists of users from different domains on the affected system.
cisco:iot_field_network_director
A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. The vulnerability is due to insufficient file system protections. An attacker could exploit this vulnerability by crafting API requests and sending them to an affected system. A successful exploit could allow the attacker to overwrite files on an affected system.
cisco:iot_field_network_director
A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. The vulnerability is due to insufficient protection of user credentials. An attacker could exploit this vulnerability by logging in as an administrative user and crafting a call for user information. A successful exploit could allow the attacker to obtain hashes of user passwords on an affected device.
cisco:iot_field_network_director
A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. The vulnerability is due to improper domain access control. An attacker could exploit this vulnerability by manipulating JSON payloads to target different domains on an affected system. A successful exploit could allow the attacker to manage user information for users in different domains on an affected system.
cisco:iot_field_network_director
Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. The vulnerabilities are due to insufficient validation of user-supplied input that is processed by the web UI. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information on an affected system.
cisco:iot_field_network_director
A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supplied input to an application programmatic interface (API) within Cisco Webex Meetings. An attacker could exploit this vulnerability by convincing a targeted user to follow a link designed to submit malicious input to the API used by Cisco Webex Meetings. A successful exploit could allow the attacker to conduct cross-site scripting attacks and potentially gain access to sensitive browser-based information from the system of a targeted user.
cisco:webex_meetings
Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack.
nextcloud:social
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
tianocore:edk2
Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.
tianocore:edk2
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
tianocore:edk2
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
tianocore:edk2
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
tianocore:edk2
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
tianocore:edk2
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
tianocore:edk2
REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message.
reddoxx:maildepot
Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'.
gym_management_system_project:gym_management_system
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x1236001c, a related issue to CVE-2018-16304.
v-secure:jingyun_antivirus
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306.
v-secure:jingyun_antivirus
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360094, a related issue to CVE-2018-16305.
v-secure:jingyun_antivirus
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12364020.
v-secure:jingyun_antivirus
In Jingyun Antivirus v2.4.2.39, the driver file (hookbody.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00221482.
v-secure:jingyun_antivirus
In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability.
yzmcms:yzmcms
A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
schneider-electric:interactive_graphical_scada_system
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
schneider-electric:interactive_graphical_scada_system
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
schneider-electric:interactive_graphical_scada_system