CVE-2021-33221
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.
Source: CVE-2021-33221
[월:] 2021년 07월
CVE-2021-33219
CVE-2021-33219
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Source: CVE-2021-33219
CVE-2021-33215
CVE-2021-33215
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.
Source: CVE-2021-33215
CVE-2021-28931
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
Source: CVE-2021-28931
CVE-2021-31925
CVE-2021-31925
Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface.
Source: CVE-2021-31925
CVE-2021-33216
CVE-2021-33216
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.
Source: CVE-2021-33216
CVE-2021-32537
CVE-2021-32537
Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed. A vulnerability in ____COMPONENT____ of Realtek HDA driver allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: Realtek HDA driver 8155 version 9150 and prior versions.
Source: CVE-2021-32537
CVE-2021-32534
CVE-2021-32534
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions.
Source: CVE-2021-32534
CVE-2021-32535
CVE-2021-32535
The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions.
Source: CVE-2021-32535
CVE-2021-32538
CVE-2021-32538
ARTWARE CMS parameter of image upload function does not filter the type of upload files which allows remote attackers can upload arbitrary files without logging in, and further execute code unrestrictedly.
Source: CVE-2021-32538