• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2022-45378

February 23, 2023 by godfreyd94

** UNSUPPPORTED WHEN ASSIGNED **In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the classpath that meet certain criteria. Depending on what classes are available on the classpath this might even lead to arbitrary remote code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2022-44801

February 23, 2023 by godfreyd94

D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.

CVE-2022-44620

February 23, 2023 by godfreyd94

Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71×10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

CVE-2022-44244

February 23, 2023 by godfreyd94

An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.

CVE-2022-44037

February 23, 2023 by godfreyd94

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product’s range.

CVE-2022-43978

February 23, 2023 by godfreyd94

There is an improper authentication vulnerability in Pandora FMS v764. The application verifies that the user has a valid session when he is not trying to do a login. Since the secret is static in generatePublicHash function, an attacker with knowledge of a valid session can abuse this in order to pass the authentication check.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 228
  • Go to page 229
  • Go to page 230
  • Go to page 231
  • Go to page 232
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE