Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-425
Total 97 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9884 1 Eclass 1 Eclass Ip 2020-10-16 10.0 HIGH 9.8 CRITICAL
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.
CVE-2019-6551 1 Pangea-comm 1 Fax Ata 2020-10-05 7.8 HIGH 7.5 HIGH
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to cause a continual denial-of-service condition.
CVE-2020-24660 2 Debian, Lemonldap-ng 2 Debian Linux, Lemonldap\ 2020-09-18 7.5 HIGH 9.8 CRITICAL
An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.
CVE-2018-0267 1 Cisco 1 Unified Communications Manager 2020-09-04 2.1 LOW 6.5 MEDIUM
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view sensitive information that should have been restricted. Cisco Bug IDs: CSCvf22116.
CVE-2018-0266 1 Cisco 1 Unified Communications Manager 2020-09-04 4.0 MEDIUM 4.3 MEDIUM
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view configuration parameters. Cisco Bug IDs: CSCvf20218.
CVE-2018-0198 1 Cisco 1 Unified Communications Manager 2020-09-04 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. A successful exploit could allow the attacker to view data library information. Cisco Bug IDs: CSCvh66592.
CVE-2018-0105 1 Cisco 1 Unified Communications Manager 2020-09-04 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view data library information. Cisco Bug IDs: CSCvf20269.
CVE-2017-15235 1 Horde 1 Groupware 2020-08-29 5.0 MEDIUM 7.5 HIGH
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
CVE-2019-9584 1 Eq-3 4 Homematic Ccu2, Homematic Ccu2 Firmware, Homematic Ccu3 and 1 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages.
CVE-2019-13981 1 Rangerstudio 1 Directus 7 Api 2020-08-24 5.0 MEDIUM 5.3 MEDIUM
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which the file collection can be non-public, but this option does not apply to the thumbnailer.
CVE-2019-13030 1 Mediola 1 Neo Server 2020-08-24 6.4 MEDIUM 8.2 HIGH
eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a missing check in rc.d/97NeoServer.
CVE-2019-12583 1 Zyxel 28 Uag2100, Uag2100 Firmware, Uag4100 and 25 more 2020-08-24 6.4 MEDIUM 9.1 CRITICAL
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.
CVE-2019-1220 1 Microsoft 10 Edge, Internet Explorer, Windows 10 and 7 more 2020-08-24 4.3 MEDIUM 4.3 MEDIUM
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.
CVE-2019-11326 1 Topcon 2 Net-g5, Net-g5 Firmware 2020-08-24 6.5 MEDIUM 8.8 HIGH
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to login. Once logged in as a guest, an attacker can browse a URL to read the password of the administrative user. The same procedure allows a regular user to gain administrative privileges. The guest login is possible in the default configuration.
CVE-2018-16706 1 Lg 1 Supersign Cms 2020-08-24 7.8 HIGH 7.5 HIGH
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080.
CVE-2019-3916 1 Verizon 2 Fios Quantum Gateway G1100, Fios Quantum Gateway G1100 Firmware 2020-08-24 5.0 MEDIUM 7.5 HIGH
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
CVE-2019-6126 1 Advance Peer To Peer Mlm Script Project 1 Advance Peer To Peer Mlm Script 2020-08-24 5.0 MEDIUM 7.5 HIGH
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff.
CVE-2019-7736 1 Dlink 2 Dir-600m, Dir-600m Firmware 2020-08-24 7.5 HIGH 9.8 CRITICAL
D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page. NOTE: this may overlap CVE-2019-13101.
CVE-2019-2388 1 Mongodb 1 Ops Manager 2020-05-18 5.0 MEDIUM 5.3 MEDIUM
In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.
CVE-2016-1000111 1 Twistedmatrix 1 Twisted 2020-03-13 5.0 MEDIUM 5.3 MEDIUM
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.