Latest CVE Feed
-
6.1
MEDIUMCVE-2021-33557
An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.... Read more
Affected Products : mantisbt- Published: Jun. 17, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-33555
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.... Read more
- Published: Aug. 31, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33554
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33553
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33552
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33551
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33550
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33549
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33548
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33547
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33546
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33545
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33544
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-33543
Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service.... Read more
- Published: Sep. 13, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-33542
Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because o... Read more
- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-33541
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially... Read more
- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-33540
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.... Read more
- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-33539
In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local tra... Read more
Affected Products : ie-wl-bl-ap-cl-eu_firmware ie-wlt-bl-ap-cl-eu_firmware ie-wl-bl-ap-cl-us_firmware ie-wlt-bl-ap-cl-us_firmware ie-wl-vl-ap-br-cl-eu_firmware ie-wlt-vl-ap-br-cl-eu_firmware ie-wl-vl-ap-br-cl-us_firmware ie-wlt-vl-ap-br-cl-us_firmware ie-wl-bl-ap-cl-eu ie-wlt-bl-ap-cl-eu +6 more products- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-33538
In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account ... Read more
Affected Products : ie-wl-bl-ap-cl-eu_firmware ie-wlt-bl-ap-cl-eu_firmware ie-wl-bl-ap-cl-us_firmware ie-wlt-bl-ap-cl-us_firmware ie-wl-vl-ap-br-cl-eu_firmware ie-wlt-vl-ap-br-cl-eu_firmware ie-wl-vl-ap-br-cl-us_firmware ie-wlt-vl-ap-br-cl-us_firmware ie-wl-bl-ap-cl-eu ie-wlt-bl-ap-cl-eu +6 more products- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-33537
In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. A specially crafted user name entry can cause an overflow of an error message buffer,... Read more
Affected Products : ie-wl-bl-ap-cl-eu_firmware ie-wlt-bl-ap-cl-eu_firmware ie-wl-bl-ap-cl-us_firmware ie-wlt-bl-ap-cl-us_firmware ie-wl-vl-ap-br-cl-eu_firmware ie-wlt-vl-ap-br-cl-eu_firmware ie-wl-vl-ap-br-cl-us_firmware ie-wlt-vl-ap-br-cl-us_firmware ie-wl-bl-ap-cl-eu ie-wlt-bl-ap-cl-eu +6 more products- Published: Jun. 25, 2021
- Modified: Nov. 21, 2024