CVE-2022-38556
Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
Source: CVE-2022-38556
[월:] 2022년 08월
CVE-2022-37053
CVE-2022-37053
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
Source: CVE-2022-37053
CVE-2022-37057
CVE-2022-37057
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.
Source: CVE-2022-37057
CVE-2022-36755
CVE-2022-36755
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
Source: CVE-2022-36755
CVE-2022-3017
CVE-2022-3017
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38.
Source: CVE-2022-3017
CVE-2022-3016
CVE-2022-38794
CVE-2022-38794
Zaver through 2020-12-15 allows directory traversal via the GET /.. substring.
Source: CVE-2022-38794
CVE-2022-38792
CVE-2022-38792
The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party.
Source: CVE-2022-38792
CVE-2022-38791
CVE-2022-38791
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Source: CVE-2022-38791
CVE-2022-2787
CVE-2022-2787
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.
Source: CVE-2022-2787