CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2151 CVE-2017-16343 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c284 the value for the s_vol_brt_delta key is copied using strcpy to the buffer at 0xa0000510. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.
2152 CVE-2017-16342 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.
2153 CVE-2017-16341 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.
2154 CVE-2017-16340 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.
2155 CVE-2017-16339 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0. This buffer is 64 bytes large, sending anything longer will cause a buffer overflow.
2156 CVE-2017-16338 119 Overflow 2018-08-02 2018-09-27
8.0
None Remote Low Single system Partial Partial Complete
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the buffer at 0xa00016e0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
2157 CVE-2017-16337 119 Overflow 2018-08-23 2018-10-19
9.0
None Remote Low Single system Complete Complete Complete
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At 0x9d01ef24 the value for the s_offset key is copied using strcpy to the buffer at $sp+0x2b0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
2158 CVE-2017-16251 434 Exec Code 2018-03-13 2018-09-07
9.0
None Remote Low Single system Complete Complete Complete
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.
2159 CVE-2017-16128 276 2018-06-06 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
2160 CVE-2017-16127 276 2018-06-06 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
The module pandora-doomsday infects other modules. It's since been unpublished from the registry.
2161 CVE-2017-16100 77 2018-06-06 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible.
2162 CVE-2017-16088 2018-06-06 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
2163 CVE-2017-16040 319 Exec Code 2018-06-04 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.
2164 CVE-2017-16035 319 2018-06-04 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
The hubl-server module is a wrapper for the HubL Development Server. During installation hubl-server downloads a set of dependencies from api.hubapi.com. It appears in the code that these files are downloaded over HTTPS however the api.hubapi.com endpoint redirects to a HTTP url. Because of this behavior an attacker with the ability to man-in-the-middle a developer or system performing a package installation could compromise the integrity of the installation.
2165 CVE-2017-16003 311 Exec Code 2018-05-29 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
windows-build-tools is a module for installing C++ Build Tools for Windows using npm. windows-build-tools versions below 1.0.0 download resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.
2166 CVE-2017-15940 77 Exec Code 2017-12-11 2017-12-22
9.0
None Remote Low Single system Complete Complete Complete
The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors.
2167 CVE-2017-15935 94 Exec Code 2017-10-27 2017-11-14
9.0
None Remote Low Single system Complete Complete Complete
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file.
2168 CVE-2017-15876 434 2017-12-18 2018-01-05
9.0
None Remote Low Single system Complete Complete Complete
Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell.
2169 CVE-2017-15860 843 Overflow 2018-02-23 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur.
2170 CVE-2017-15849 416 2018-01-10 2018-01-29
9.3
None Remote Medium Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.
2171 CVE-2017-15822 119 Overflow 2018-04-03 2018-05-08
8.3
None Local Network Low Not required Complete Complete Complete
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur.
2172 CVE-2017-15817 20 2018-02-23 2018-03-12
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
2173 CVE-2017-15815 119 Overflow 2018-03-15 2018-04-06
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.
2174 CVE-2017-15673 434 Exec Code 2017-11-28 2017-12-20
9.0
None Remote Low Single system Complete Complete Complete
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page.
2175 CVE-2017-15655 119 Overflow 2018-01-31 2018-02-21
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.
2176 CVE-2017-15637 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
2177 CVE-2017-15636 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
2178 CVE-2017-15635 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
2179 CVE-2017-15634 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
2180 CVE-2017-15633 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
2181 CVE-2017-15632 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
2182 CVE-2017-15631 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
2183 CVE-2017-15630 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
2184 CVE-2017-15629 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
2185 CVE-2017-15628 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
2186 CVE-2017-15627 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
2187 CVE-2017-15626 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
2188 CVE-2017-15625 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
2189 CVE-2017-15624 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
2190 CVE-2017-15623 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
2191 CVE-2017-15622 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
2192 CVE-2017-15621 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
2193 CVE-2017-15620 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
2194 CVE-2017-15619 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
2195 CVE-2017-15618 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
2196 CVE-2017-15617 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
2197 CVE-2017-15616 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
2198 CVE-2017-15615 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
2199 CVE-2017-15614 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
2200 CVE-2017-15613 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.