» 2020 » 4월

CVE-2017-18799

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18799

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.

Source: CVE-2017-18799

CVE-2017-18800

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18800

Certain NETGEAR devices are affected by reflected XSS. This affects R6700v2 before 1.1.0.42 and R6800 before 1.1.0.42.

Source: CVE-2017-18800

CVE-2020-10569

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2020-10569

SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack.

Source: CVE-2020-10569

CVE-2019-4327

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application’s encrypted files."

Source: CVE-2019-4327

CVE-2019-17525

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2019-17525

The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.

Source: CVE-2019-17525

CVE-2017-18791

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18791

Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50, WNDR3700v5 before 1.1.0.48, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, WNR1000v4 before 1.1.0.40, WNR2020 before 1.1.0.40, WNR2050 before 1.1.0.40, WNR614 before 1.1.0.40, WNR618 before 1.1.0.40, and D7000 before 1.0.1.50.

Source: CVE-2017-18791

CVE-2017-18790

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18790

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

Source: CVE-2017-18790

CVE-2017-18792

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18792

NETGEAR D6100 devices before 1.0.0.50_0.0.50 are affected by command injection.

Source: CVE-2017-18792

CVE-2017-18805

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18805

Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7.4.0, WNDAP350 before 3.7.4.0, WNAP320 before 3.7.4.0, WNAP210v2 before 3.7.4.0, and WNDAP360 before 3.7.4.0.

Source: CVE-2017-18805

CVE-2017-18804

Posted on 2020년 4월 22일2020년 4월 22일 by admin

CVE-2017-18804

Certain NETGEAR devices are affected by command injection. This affects R7800 before 1.0.2.16 and R9000 before 1.0.2.4.

Source: CVE-2017-18804