| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-14867 |
78 |
|
Exec Code |
2017-09-29 |
2021-01-26 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. |
|
2 |
CVE-2017-14743 |
89 |
|
Sql |
2017-09-26 |
2017-10-10 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password. |
|
3 |
CVE-2017-14705 |
78 |
|
Exec Code |
2017-09-22 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments. |
|
4 |
CVE-2017-14602 |
287 |
|
|
2017-09-26 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance. |
|
5 |
CVE-2017-14429 |
78 |
|
Exec Code |
2017-09-13 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting generated files such as WAN-1-udhcpc.sh. |
|
6 |
CVE-2017-14421 |
798 |
|
|
2017-09-13 |
2017-09-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the Alphanetworks account upon device reset, which allows remote attackers to obtain root access via a TELNET session. |
|
7 |
CVE-2017-14350 |
306 |
|
Exec Code |
2017-09-30 |
2017-10-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution. |
|
8 |
CVE-2017-14263 |
384 |
|
|
2017-09-11 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device. |
|
9 |
CVE-2017-14262 |
326 |
|
|
2017-09-11 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. |
|
10 |
CVE-2017-14244 |
425 |
|
Bypass |
2017-09-17 |
2021-06-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi. |
|
11 |
CVE-2017-14243 |
287 |
|
Bypass |
2017-09-17 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi, resetrouter.cgi, and password.cgi. |
|
12 |
CVE-2017-14135 |
78 |
|
Exec Code |
2017-09-04 |
2017-09-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI. |
|
13 |
CVE-2017-14127 |
78 |
|
Exec Code |
2017-09-04 |
2017-09-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi. |
|
14 |
CVE-2017-14123 |
434 |
|
|
2017-09-04 |
2020-10-01 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by /itplus/FileStorage/302/shell.jsp. |
|
15 |
CVE-2017-14116 |
798 |
|
|
2017-09-03 |
2017-09-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support. |
|
16 |
CVE-2017-14115 |
798 |
|
|
2017-09-03 |
2021-08-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and subsequently obtain unrestricted root privileges, by establishing an SSH session and then entering certain shell metacharacters and BusyBox commands. |
|
17 |
CVE-2017-14078 |
89 |
|
Exec Code Sql |
2017-09-22 |
2017-09-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
|
18 |
CVE-2017-14001 |
78 |
|
Exec Code |
2017-09-26 |
2019-10-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS commands in the URL request of the program. |
|
19 |
CVE-2017-13983 |
287 |
|
Bypass |
2017-09-30 |
2017-10-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication. |
|
20 |
CVE-2017-13982 |
22 |
|
Dir. Trav. |
2017-09-30 |
2017-10-11 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files. |
|
21 |
CVE-2017-12928 |
798 |
|
|
2017-09-21 |
2017-09-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials. |
|
22 |
CVE-2017-12249 |
668 |
|
|
2017-09-13 |
2019-10-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability is due to an incorrect default configuration of the TURN server, which could expose internal interfaces and ports on the external interface of an affected system. An attacker could exploit this vulnerability by using a TURN server to perform an unauthorized connection to a Call Bridge, a Web Bridge, or a database cluster in an affected system, depending on the deployment model and CMS services in use. A successful exploit could allow the attacker to gain unauthenticated access to a Call Bridge or database cluster in an affected system or gain unauthorized access to sensitive meeting information in an affected system. To exploit this vulnerability, the attacker must have valid credentials for the TURN server of the affected system. This vulnerability affects Cisco Meeting Server (CMS) deployments that are running a CMS Software release prior to Release 2.0.16, 2.1.11, or 2.2.6. Cisco Bug IDs: CSCvf51127. |
|
23 |
CVE-2017-12240 |
119 |
|
DoS Exec Code Overflow |
2017-09-29 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959. |
|
24 |
CVE-2017-12230 |
276 |
|
|
2017-09-29 |
2019-10-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by using the web UI of the affected software. An attacker could exploit this vulnerability by using the web UI of the affected software to create a new user and then logging into the web UI as the newly created user. A successful exploit could allow the attacker to elevate their privileges on the affected device. This vulnerability affects Cisco devices that are running a vulnerable release Cisco IOS XE Software, if the HTTP Server feature is enabled for the device. The newly redesigned, web-based administration UI was introduced in the Denali 16.2 Release of Cisco IOS XE Software. This vulnerability does not affect the web-based administration UI in earlier releases of Cisco IOS XE Software. Cisco Bug IDs: CSCuy83062. |
|
25 |
CVE-2017-12229 |
287 |
|
Bypass |
2017-09-29 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for the REST API of the affected software. An attacker could exploit this vulnerability by sending a malicious API request to an affected device. A successful exploit could allow the attacker to bypass authentication and gain access to the web UI of the affected software. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the HTTP Server feature is enabled for the device. The newly redesigned, web-based administration UI was introduced in the Denali 16.2 Release of Cisco IOS XE Software. This vulnerability does not affect the web-based administration UI in earlier releases of Cisco IOS XE Software. Cisco Bug IDs: CSCuz46036. |
|
26 |
CVE-2017-12226 |
20 |
|
+Priv |
2017-09-29 |
2019-10-09 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco New Generation Wireless Controllers (NGWC) 3850 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incomplete input validation of HTTP requests by the affected GUI, if the GUI connection state or protocol changes. An attacker could exploit this vulnerability by authenticating to the Wireless Controller GUI as a Lobby Administrator user of an affected device and subsequently changing the state or protocol for their connection to the GUI. A successful exploit could allow the attacker to elevate their privilege level to administrator and gain full control of the affected device. This vulnerability affects the following Cisco products if they are running Cisco IOS XE Software Release 3.7.0E, 3.7.1E, 3.7.2E, 3.7.3E, 3.7.4E, or 3.7.5E: Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, Cisco New Generation Wireless Controllers (NGWC) 3850. Cisco Bug IDs: CSCvd73746. |
|
27 |
CVE-2017-11396 |
|
|
|
2017-09-22 |
2020-08-19 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections. |
|
28 |
CVE-2017-11351 |
798 |
|
|
2017-09-13 |
2017-09-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. |
|
29 |
CVE-2017-11121 |
119 |
|
DoS Overflow |
2017-09-28 |
2019-03-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205. |
|
30 |
CVE-2017-11120 |
119 |
|
Overflow |
2017-09-28 |
2019-03-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. |
|
31 |
CVE-2017-11041 |
|
|
|
2017-09-21 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. |
|
32 |
CVE-2017-10932 |
502 |
|
Exec Code |
2017-09-28 |
2017-10-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host. |
|
33 |
CVE-2017-10860 |
426 |
|
Exec Code |
2017-09-15 |
2017-09-22 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. |
|
34 |
CVE-2017-10859 |
426 |
|
+Priv |
2017-09-15 |
2017-09-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
35 |
CVE-2017-10858 |
426 |
|
+Priv |
2017-09-15 |
2017-09-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
36 |
CVE-2017-10855 |
426 |
|
+Priv |
2017-09-15 |
2017-09-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
37 |
CVE-2017-10851 |
426 |
|
+Priv |
2017-09-01 |
2017-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
38 |
CVE-2017-10850 |
426 |
|
+Priv |
2017-09-01 |
2021-04-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
39 |
CVE-2017-10849 |
426 |
|
+Priv |
2017-09-01 |
2017-09-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
40 |
CVE-2017-10848 |
426 |
|
+Priv |
2017-09-01 |
2017-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
41 |
CVE-2017-10845 |
|
|
|
2017-09-15 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Wi-Fi STATION L-02F Software version V10g and earlier allows remote attackers to access the device with administrative privileges and perform unintended operations through a backdoor account. |
|
42 |
CVE-2017-10829 |
426 |
|
+Priv |
2017-09-01 |
2017-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Remote Support Tool (Enkaku Support Tool) All versions distributed through the website till 2017 August 10 allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
|
43 |
CVE-2017-10784 |
287 |
|
Exec Code |
2017-09-19 |
2018-10-31 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name. |
|
44 |
CVE-2017-10700 |
20 |
|
Exec Code |
2017-09-19 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can execute arbitrary system commands as the root user of the NAS application. |
|
45 |
CVE-2017-9725 |
682 |
|
|
2017-09-21 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail. |
|
46 |
CVE-2017-9724 |
269 |
|
|
2017-09-21 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. |
|
47 |
CVE-2017-9328 |
78 |
|
Exec Code |
2017-09-15 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root. |
|
48 |
CVE-2017-8772 |
798 |
|
Exec Code |
2017-09-20 |
2017-09-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not). |
|
49 |
CVE-2017-8771 |
798 |
|
|
2017-09-20 |
2017-09-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code. |
|
50 |
CVE-2017-8759 |
20 |
|
Exec Code |
2017-09-13 |
2018-01-14 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." |
