AttackerKB
attackerkb
New assessment for topic: CVE-2024-51979
Topic description: "An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631) ..."
"An authenticated stack-based buffer overflow exists in the printers HTTP server ..."
Link: https://attackerkb.com/assessments/aa600177-e69d-4eba-810a-f317d2ddb369
Topic description: "An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631) ..."
"An authenticated stack-based buffer overflow exists in the printers HTTP server ..."
Link: https://attackerkb.com/assessments/aa600177-e69d-4eba-810a-f317d2ddb369
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51980
Topic description: "An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address ..."
"A Server Side Request Forgery (SSRF) vulnerability exists due to how the Brother firmware handles Web Services Addressing (WS-Addressing) during SOAP requests to the SOAP service over HTTP (TCP port 80) ..."
Link: https://attackerkb.com/assessments/686ad46c-d2c3-4116-b31e-010e695ba288
Topic description: "An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address ..."
"A Server Side Request Forgery (SSRF) vulnerability exists due to how the Brother firmware handles Web Services Addressing (WS-Addressing) during SOAP requests to the SOAP service over HTTP (TCP port 80) ..."
Link: https://attackerkb.com/assessments/686ad46c-d2c3-4116-b31e-010e695ba288
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51982
Topic description: "An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device ..."
"An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device ..."
Link: https://attackerkb.com/assessments/f29cd000-e191-42dd-ab80-271c3eef8c2d
Topic description: "An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device ..."
"An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device ..."
Link: https://attackerkb.com/assessments/f29cd000-e191-42dd-ab80-271c3eef8c2d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51983
Topic description: "An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device ..."
"The device’s Web Services feature operates over HTTP (Port 80) and accepts an XML-based SOAP request ..."
Link: https://attackerkb.com/assessments/9b5204d1-0cb0-4d9c-a7ae-97199dd23d80
Topic description: "An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device ..."
"The device’s Web Services feature operates over HTTP (Port 80) and accepts an XML-based SOAP request ..."
Link: https://attackerkb.com/assessments/9b5204d1-0cb0-4d9c-a7ae-97199dd23d80
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51984
Topic description: "An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by the attacker ..."
"An affected device allows for multiple external services to be configured for use by the device, such as LDAP, FTP, SFTP, and SharePoint ..."
Link: https://attackerkb.com/assessments/ded3c328-b080-4b18-b7f3-4df3838bdd18
Topic description: "An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by the attacker ..."
"An affected device allows for multiple external services to be configured for use by the device, such as LDAP, FTP, SFTP, and SharePoint ..."
Link: https://attackerkb.com/assessments/ded3c328-b080-4b18-b7f3-4df3838bdd18
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-52056
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to delete any directory on the file system if the target directory contains an XML definition file. ..."
"CVE-2024-52056 permits authenticated administrators to delete arbitrary directories on the host that contain `Application.xml` ..."
Link: https://attackerkb.com/assessments/e8a64028-5caf-4872-889b-84d263b5a53c
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to delete any directory on the file system if the target directory contains an XML definition file. ..."
"CVE-2024-52056 permits authenticated administrators to delete arbitrary directories on the host that contain `Application.xml` ..."
Link: https://attackerkb.com/assessments/e8a64028-5caf-4872-889b-84d263b5a53c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32821
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. ..."
"An authenticated attacker with SMA administrator privileges can inject shell command arguments with an escape sequence to upload a fully controlled file anywhere that the `nobody` user can write to ..."
Link: https://attackerkb.com/assessments/cfb5634b-463d-4bcc-8d9f-a16af2ed4f60
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. ..."
"An authenticated attacker with SMA administrator privileges can inject shell command arguments with an escape sequence to upload a fully controlled file anywhere that the `nobody` user can write to ..."
Link: https://attackerkb.com/assessments/cfb5634b-463d-4bcc-8d9f-a16af2ed4f60
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-52054
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system. ..."
"CVE-2024-52054 is a high-privilege path traversal vulnerability affecting the Wowza Streaming Engine Manager web service ..."
Link: https://attackerkb.com/assessments/a021a418-7449-4d1b-b8ac-ccdf120bcd7c
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system. ..."
"CVE-2024-52054 is a high-privilege path traversal vulnerability affecting the Wowza Streaming Engine Manager web service ..."
Link: https://attackerkb.com/assessments/a021a418-7449-4d1b-b8ac-ccdf120bcd7c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-52055
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file. ..."
"CVE-2024-52055 is a path traversal vulnerability that permits an administrator user to read any file on the file system if the target directory contains a file or directory called `Application.xml` ..."
Link: https://attackerkb.com/assessments/ced78fb9-1b04-494a-b111-d809adca520a
Topic description: "Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file. ..."
"CVE-2024-52055 is a path traversal vulnerability that permits an administrator user to read any file on the file system if the target directory contains a file or directory called `Application.xml` ..."
Link: https://attackerkb.com/assessments/ced78fb9-1b04-494a-b111-d809adca520a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-6922
Topic description: "Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component ..."
"[CVE-2024-6922](https://nvd.nist.gov/vuln/detail/cve-2024-6922) is an unauthenticated blind Server-Side Request Forgery ("SSRF") vulnerability in Automation Anywhere Automation 360 ..."
Link: https://attackerkb.com/assessments/376cd313-be9a-4d42-a536-8ed32da9c648
Topic description: "Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component ..."
"[CVE-2024-6922](https://nvd.nist.gov/vuln/detail/cve-2024-6922) is an unauthenticated blind Server-Side Request Forgery ("SSRF") vulnerability in Automation Anywhere Automation 360 ..."
Link: https://attackerkb.com/assessments/376cd313-be9a-4d42-a536-8ed32da9c648
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-4678
Topic description: "Improper Neutralization of Special Elements in the chromium_path variable may allow OS command injection ..."
"This is a similar RCE like [CVE-2024-12971](https://attackerkb.com/topics/BJe14wkMYS/cve-2024-12971) but now in the `chromium_path`directory settings at the Pandora ITSM application ..."
Link: https://attackerkb.com/assessments/cbac9f7f-798e-424f-a010-48ceada60ff7
Topic description: "Improper Neutralization of Special Elements in the chromium_path variable may allow OS command injection ..."
"This is a similar RCE like [CVE-2024-12971](https://attackerkb.com/topics/BJe14wkMYS/cve-2024-12971) but now in the `chromium_path`directory settings at the Pandora ITSM application ..."
Link: https://attackerkb.com/assessments/cbac9f7f-798e-424f-a010-48ceada60ff7
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32820
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. ..."
"[CVE-2025-32820](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011) is an administrator-level injection to make arbitrary system directories writable ..."
Link: https://attackerkb.com/assessments/9aa7635e-3b8d-42c0-b2b9-6f44d48609c8
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. ..."
"[CVE-2025-32820](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011) is an administrator-level injection to make arbitrary system directories writable ..."
Link: https://attackerkb.com/assessments/9aa7635e-3b8d-42c0-b2b9-6f44d48609c8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32819
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. ..."
"CVE-2025-32819 is a patch bypass for an [older 2021 vulnerability](https://www.nccgroup.com/us/research-blog/technical-advisory-sonicwall-sma-100-series-unauthenticated-arbitrary-file-deletion/) disclosed by NCC Group ..."
Link: https://attackerkb.com/assessments/edd5917f-ed7c-4fbd-a41e-cd6e71f4d2ca
Topic description: "A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. ..."
"CVE-2025-32819 is a patch bypass for an [older 2021 vulnerability](https://www.nccgroup.com/us/research-blog/technical-advisory-sonicwall-sma-100-series-unauthenticated-arbitrary-file-deletion/) disclosed by NCC Group ..."
Link: https://attackerkb.com/assessments/edd5917f-ed7c-4fbd-a41e-cd6e71f4d2ca
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-49706
Topic description: "Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-49706 is an authentication bypass affecting Microsoft SharePoint Server, allowing a remote unauthenticated attacker to reach the ToolPane page, located at the `/_layouts/15/ToolPane.aspx` URI ..."
Link: https://attackerkb.com/assessments/2451dc3d-3351-480c-aeda-e986a77792cb
Topic description: "Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-49706 is an authentication bypass affecting Microsoft SharePoint Server, allowing a remote unauthenticated attacker to reach the ToolPane page, located at the `/_layouts/15/ToolPane.aspx` URI ..."
Link: https://attackerkb.com/assessments/2451dc3d-3351-480c-aeda-e986a77792cb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-23120
Topic description: "A vulnerability allowing remote code execution (RCE) for domain users. ..."
"[CVE-2025-23120](https://www.rapid7.com/blog/post/2025/03/19/etr-critical-veeam-backup-and-replication-cve-2025-23120/) is a critical pseudo-unauthenticated [deserialization remote code execution vulnerability](https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/) in Veeam Backup & Replication, a widely used backup solution ..."
Link: https://attackerkb.com/assessments/5f4f8ca4-244d-4391-aba4-2089f3bdc4bf
Topic description: "A vulnerability allowing remote code execution (RCE) for domain users. ..."
"[CVE-2025-23120](https://www.rapid7.com/blog/post/2025/03/19/etr-critical-veeam-backup-and-replication-cve-2025-23120/) is a critical pseudo-unauthenticated [deserialization remote code execution vulnerability](https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/) in Veeam Backup & Replication, a widely used backup solution ..."
Link: https://attackerkb.com/assessments/5f4f8ca4-244d-4391-aba4-2089f3bdc4bf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-23121
Topic description: "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user ..."
"[CVE-2025-23121](https://www.rapid7.com/blog/post/etr-critical-veeam-backup-replication-cve-2025-23121/) is an almost-unauthenticated critical remote code execution vulnerability in Veeam Backup & Replication, a widely used backup solution ..."
Link: https://attackerkb.com/assessments/f5097862-0a05-470d-8bd4-3469302779a0
Topic description: "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user ..."
"[CVE-2025-23121](https://www.rapid7.com/blog/post/etr-critical-veeam-backup-replication-cve-2025-23121/) is an almost-unauthenticated critical remote code execution vulnerability in Veeam Backup & Replication, a widely used backup solution ..."
Link: https://attackerkb.com/assessments/f5097862-0a05-470d-8bd4-3469302779a0
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-1974
Topic description: "A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller ..."
"CVE-2025-1974 is a [critical vulnerability](https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/) in the Kubernetes Ingress-NGINX controller, and it facilitates [unauthenticated remote code execution](https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities) ..."
Link: https://attackerkb.com/assessments/f90c39ea-ae87-4c2f-9438-9aa62d3ce995
Topic description: "A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller ..."
"CVE-2025-1974 is a [critical vulnerability](https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/) in the Kubernetes Ingress-NGINX controller, and it facilitates [unauthenticated remote code execution](https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities) ..."
Link: https://attackerkb.com/assessments/f90c39ea-ae87-4c2f-9438-9aa62d3ce995
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-29847
Topic description: "Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. ..."
"CVE-2024-29847 is an unauthenticated deserialization of untrusted data [remote code execution vulnerability](https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US) in Ivanti Endpoint Manager ("EPM") ..."
Link: https://attackerkb.com/assessments/883eb621-851a-4454-90ac-9643eef0016b
Topic description: "Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. ..."
"CVE-2024-29847 is an unauthenticated deserialization of untrusted data [remote code execution vulnerability](https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US) in Ivanti Endpoint Manager ("EPM") ..."
Link: https://attackerkb.com/assessments/883eb621-851a-4454-90ac-9643eef0016b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-34134
Topic description: "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call ..."
"CVE-2023-34134 is an [administrator password hash read](https://web.archive.org/web/20241215122545/https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060) via an [authenticated Web Services API call](https://www.nccgroup.com/us/research-blog/technical-advisory-sonicwall-global-management-system-gms-analytics-multiple-critical-vulnerabilities/) within the SonicWall Global Management System & Analytics suite ..."
Link: https://attackerkb.com/assessments/c52f41e0-f7c7-420b-9077-7c3cd7d1981a
Topic description: "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call ..."
"CVE-2023-34134 is an [administrator password hash read](https://web.archive.org/web/20241215122545/https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060) via an [authenticated Web Services API call](https://www.nccgroup.com/us/research-blog/technical-advisory-sonicwall-global-management-system-gms-analytics-multiple-critical-vulnerabilities/) within the SonicWall Global Management System & Analytics suite ..."
Link: https://attackerkb.com/assessments/c52f41e0-f7c7-420b-9077-7c3cd7d1981a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-34133
Topic description: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database ..."
"CVE-2023-34133 is an assortment of unauthenticated and authenticated [SQL injection vulnerabilities](https://web.archive.org/web/20241215122545/https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060) affecting multiple Web Services applications within the SonicWall Global Management System & Analytics suite ..."
Link: https://attackerkb.com/assessments/2c5075d1-a31a-42f7-ab02-e59d8df1c85a
Topic description: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database ..."
"CVE-2023-34133 is an assortment of unauthenticated and authenticated [SQL injection vulnerabilities](https://web.archive.org/web/20241215122545/https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060) affecting multiple Web Services applications within the SonicWall Global Management System & Analytics suite ..."
Link: https://attackerkb.com/assessments/2c5075d1-a31a-42f7-ab02-e59d8df1c85a
0
0
0