Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-0862

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103. The issue affects NSRW packaged by Phoenix Contact routers: from 4.6.72.0 before 4.6.72.101, from 4.6.73.0 before 4.6.73.101.

CVE
Open in Source
#web#pdf#auth

%PDF-1.5 %���� 10 0 obj << /Length 1400 /Filter /FlateDecode >> stream xڭXKs�6��W�Vjj�x����]�M&�TҴ�4Y�l���P���w�LZ�Z�F3,v�>�A����3Z �Q$X����DHL�@����g�J�3G�麩v]��YPt]���v*ny��o�@���$ϑ�$V*A �8��g�s�a�*S(�&M�1K҈����;D%�,�8�~��/1’�z������JG�bʸ� ģun�PY:h�I9��� �Rd�C�R��-LO��g��}�y9pU?��,�٪�V�V������R��i���<����X��E"|X����� �x@�t��Q�xh�T��=�c��R=Mn��ϳ�> X���v���+)b�� �-� &R�8e8���1ԅ��.�2mo8����U���y�q`�0�Q�b -x���`��Xd������LBdƝ���[„��S=t��zj�����r��wS�0lĹ�N[O֓�t�T�@ :�7w��y��Dq[q,x@g��7���$�U��B��~�Q���n�3̚�N8�h���޷k?�Q�����Z]{�Q57k댓:�n�ǃXd<����6^|�.�U����"����U95yUN��|��@�s異WJqB��봪k����l�����N���M�ҁ����8�l��m��|0�.��*��6@�`�!���WH29����ư A!E�]�w���}_;or>5k�a�G���s��hk7�����TTK�睘II�t;��h�����x�]tU�ƇDq�Y����Y� '����[���]�!���Ȩ ��_��$���ڑ.W �]X�Do��ͩ�2�9?Ą�mmxT� ��D/P(^�[G���]�v��ȣ4y�]�á�Q�O�*���Kd�@x��<�}��Aȝ}Ȑ$ �s�z?�/��X8�D��c|� f8^�m3X*Q�4C �p9�X ���#31��!^(x�!z�or8$����F�c��M�P[�>JAy2�U�’��:��X��a��atE�xJOct% ���kX���ݘ�+֖X�-~��� �C�_���%(D�Z��+�e�~�O |�}W����<���X-���q�";�<�*~�98ũ�1�V��6⊫<���Mr6&�*�V�_’�<�oM����8Z��J��$D�%��={������f�v������KH�i*N�)(Dسr� �n��+�pn

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE