CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
551 CVE-2018-6388 78 Exec Code 2018-01-29 2018-02-15
9.0
None Remote Low Single system Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
552 CVE-2018-6387 798 2018-01-29 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
553 CVE-2018-6318 426 2018-02-02 2018-02-15
9.3
None Remote Medium Not required Complete Complete Complete
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.). A person can change this DLL in a local way, or with a remote connection, to a malicious DLL with the same name -- and when the product is used, this malicious DLL will be loaded, aka a DLL Hijacking attack.
554 CVE-2018-6312 310 2018-03-10 2018-04-09
9.0
None Remote Low Single system Complete Complete Complete
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
555 CVE-2018-6298 20 Exec Code 2018-03-13 2018-04-09
10.0
None Remote Low Not required Complete Complete Complete
Remote code execution in Hanwha Techwin Smartcams
556 CVE-2018-6292 264 Exec Code 2018-02-13 2018-03-06
10.0
Admin Remote Low Not required Complete Complete Complete
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
557 CVE-2018-6289 74 Exec Code 2018-02-06 2018-02-23
10.0
None Remote Low Not required Complete Complete Complete
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
558 CVE-2018-6229 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
559 CVE-2018-6228 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
560 CVE-2018-6221 295 2018-03-15 2018-04-04
9.3
None Remote Medium Not required Complete Complete Complete
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.
561 CVE-2018-6213 798 2018-06-20 2018-08-11
10.0
None Remote Low Not required Complete Complete Complete
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.
562 CVE-2018-6211 78 2018-06-20 2018-08-11
9.0
None Remote Low Single system Complete Complete Complete
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
563 CVE-2018-6210 798 2018-06-19 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.
564 CVE-2018-6186 918 Exec Code +Priv 2018-02-01 2018-03-02
9.0
None Remote Low Single system Complete Complete Complete
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
565 CVE-2018-6140 20 Exec Code 2019-01-09 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
566 CVE-2018-6000 16 2018-01-22 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
567 CVE-2018-5999 255 2018-01-22 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
568 CVE-2018-5997 434 Exec Code 2018-01-25 2018-02-12
10.0
Admin Remote Low Not required Complete Complete Complete
An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.
569 CVE-2018-5925 119 Exec Code Overflow 2018-08-13 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.
570 CVE-2018-5855 119 Overflow 2018-07-06 2018-08-29
10.0
None Remote Low Not required Complete Complete Complete
While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.
571 CVE-2018-5850 191 Overflow 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
572 CVE-2018-5846 416 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
573 CVE-2018-5841 19 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
574 CVE-2018-5840 264 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
575 CVE-2018-5796 119 Overflow 2018-02-04 2018-02-22
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.
576 CVE-2018-5782 94 Exec Code 2018-03-14 2019-01-17
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethost.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application.
577 CVE-2018-5781 94 Exec Code 2018-03-14 2018-09-07
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vendrecording.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application.
578 CVE-2018-5780 94 Exec Code 2018-03-14 2018-09-07
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vnewmeeting.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application.
579 CVE-2018-5779 94 Exec Code 2018-03-14 2018-09-07
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to copy a malicious script into a newly generated PHP file and then execute the generated file using specially crafted requests. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.
580 CVE-2018-5770 264 2018-03-20 2018-04-18
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in.
581 CVE-2018-5768 798 Exec Code 2018-03-20 2018-04-18
10.0
None Remote Low Not required Complete Complete Complete
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.
582 CVE-2018-5749 434 Exec Code 2018-01-23 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter.
583 CVE-2018-5724 434 2018-01-16 2018-02-05
10.0
None Remote Low Not required Complete Complete Complete
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
584 CVE-2018-5723 798 2018-01-16 2018-02-05
10.0
None Remote Low Not required Complete Complete Complete
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.
585 CVE-2018-5704 134 Exec Code XSS 2018-01-16 2018-02-09
9.3
None Remote Medium Not required Complete Complete Complete
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
586 CVE-2018-5703 787 DoS 2018-01-16 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.
587 CVE-2018-5701 119 Overflow 2018-01-31 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
588 CVE-2018-5553 78 2018-07-10 2018-09-11
10.0
None Remote Low Not required Complete Complete Complete
The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access.
589 CVE-2018-5551 798 2018-03-19 2018-04-13
10.0
None Remote Low Not required Complete Complete Complete
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa.
590 CVE-2018-5504 19 Exec Code 2018-03-22 2018-04-20
9.3
None Remote Medium Not required Complete Complete Complete
In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1.
591 CVE-2018-5473 119 Exec Code Overflow 2018-02-19 2018-03-18
10.0
None Remote Low Not required Complete Complete Complete
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.
592 CVE-2018-5447 20 2018-01-25 2018-02-12
10.0
None Remote Low Not required Complete Complete Complete
An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input validation vulnerability has been identified that affects a service within the software that may allow a remote attacker to arbitrarily read/access system resources and affect the availability of the system.
593 CVE-2018-5439 77 Exec Code 2018-02-19 2018-03-18
10.0
None Remote Low Not required Complete Complete Complete
A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges.
594 CVE-2018-5435 Exec Code 2018-06-27 2018-08-29
10.0
None Remote Low Not required Complete Complete Complete
The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for remote code execution. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.
595 CVE-2018-5428 77 Exec Code 2018-06-20 2018-08-11
9.0
None Remote Low Single system Complete Complete Complete
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution. Affected releases are TIBCO Data Virtualization: 7.0.5; 7.0.6.
596 CVE-2018-5393 306 Exec Code 2018-09-28 2019-01-07
10.0
None Remote Low Not required Complete Complete Complete
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service commands in EAP controller versions 2.5.3 and earlier. Remote attackers can implement deserialization attacks through the RMI protocol. Successful attacks may allow a remote attacker to remotely control the target server and execute Java functions or bytecode.
597 CVE-2018-5371 78 Exec Code 2018-01-12 2018-02-02
9.0
None Remote Low Single system Complete Complete Complete
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
598 CVE-2018-5359 119 Overflow 2018-01-23 2018-02-09
9.3
None Remote Medium Not required Complete Complete Complete
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
599 CVE-2018-5347 77 2018-01-11 2018-02-12
10.0
None Remote Low Not required Complete Complete Complete
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
600 CVE-2018-5262 119 Exec Code Overflow 2018-01-12 2018-01-29
10.0
Admin Remote Low Not required Complete Complete Complete
A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.