CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.

HackMD

*   

*   

*   *   Create new note
    *   Create a note from template
*   

*   *   Options
    *   Versions and GitHub Sync
    *   Transfer ownership
    *   Delete this note
    *   Template
    *   Save as template
    *   Insert from template
    *   Export
    *   Dropbox
    *   Google Drive
    *   Gist
    *   Import
    *   Dropbox
    *   Google Drive
    *   Gist
    *   Clipboard
    *   Download
    *   Markdown
    *   HTML
    *   Raw HTML
    *   ODF (Beta)
*   *   Sharing
    
    *   View mode
        
        *   Edit mode
        *   View mode
        *   Book mode
        *   Slide mode
        
    *   Note Permission
    *   Read
        
        *   Owners
        *   Signed-in users
        *   Everyone
        
    *   Write
        
        *   Owners
        *   Signed-in users
        *   Everyone
        
    *   More (Comment, Invitee)

Headline

CVE-2021-46006: CVE-2021-46006 - HackMD

CVE: Latest News